A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2021-11-04T15:35:45.040664Z
Updated: 2024-09-16T19:36:28.988Z
Reserved: 2021-08-25T00:00:00
Link: CVE-2021-40115
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-11-04T16:15:09.287
Modified: 2023-11-07T03:38:28.517
Link: CVE-2021-40115
Redhat
No data.