Cisco » Webex Social : Security Vulnerabilities, CVEs,

CVE-2013-3392

Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco WebEx Social allow remote attackers to hijack the authentication of arbitrary users via unspecified vectors, aka Bug IDs CSCuh10405 and CSCuh10355.
Max CVSS
4.3
EPSS Score
0.08%
Published
2013-06-21
Updated
2013-06-24

CVE-2013-1245

The user-management page in Cisco WebEx Social relies on client-side validation of values in the Screen Name, First Name, Middle Name, Last Name, Email Address, and Job Title fields, which allows remote authenticated users to bypass intended access restrictions via crafted requests, aka Bug ID CSCue67190.
Max CVSS
4.0
EPSS Score
0.06%
Published
2013-05-16
Updated
2013-05-16

CVE-2013-1244

Cross-site scripting (XSS) vulnerability in the portal module in Cisco WebEx Social allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL in the link field in a post, aka Bug ID CSCue67199.
Max CVSS
3.5
EPSS Score
0.06%
Published
2013-05-16
Updated
2013-05-16

CVE-2013-1107

The search function in Cisco Webex Social (formerly Cisco Quad) allows remote authenticated users to read files via unspecified parameters, aka Bug ID CSCud40235.
Max CVSS
4.0
EPSS Score
0.08%
Published
2013-02-06
Updated
2013-02-07

CVE-2012-6397

Cross-site scripting (XSS) vulnerability in Cisco WebEx Social (formerly Cisco Quad) allows remote attackers to inject arbitrary web script or HTML via a crafted RSS service link, aka Bug ID CSCub61977.
Max CVSS
4.3
EPSS Score
0.10%
Published
2013-01-17
Updated
2013-01-29
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close