CVE-2025-20250

Опубликовано: 21 мая 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

A vulnerability in Cisco Webex could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack.

A vulnerability is due to improper filtering of user-supplied input. An attacker could exploit this vulnerability by persuading a user to follow a malicious link. A successful exploit could allow the attacker to conduct a cross-site scripting attack against the targeted user.

Ссылки

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-xss-7teQtFn8
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:webex_meetings:-:*:*:*:*:*:*:*

EPSS

Процентиль: 9%

0.00032

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-m526-j28f-j8qx

CVSS3: 6.1

github

7 месяцев назад

A vulnerability in Cisco Webex could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. A vulnerability is due to improper filtering of user-supplied input. An attacker could exploit this vulnerability by persuading a user to follow a malicious link. A successful exploit could allow the attacker to conduct a cross-site scripting attack against the targeted user.

BDU:2025-06738

CVSS3: 6.1

fstec

7 месяцев назад

Уязвимость облачной платформы для веб-конференцсвязи Cisco Webex, существующая из-за непринятия мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)

EPSS

Процентиль: 9%

0.00032

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79