Page 2 of 17 results (0.016 seconds)

CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0

Open redirect vulnerability in Cisco WebEx Training Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul57140. Vulnerabilidad de redirección abierta en Cisco WebEx Training Center permite a atacantes remotos redirigir a usuarios hacia sitios web arbitrarios o llevar a cabo ataques de phishing a través de vectores no especificados, también conocido como Bug ID CSCul57140. • http://osvdb.org/100910 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6971 http://tools.cisco.com/security/center/viewAlert.x?alertId=32146 http://www.securitytracker.com/id/1029492 https://exchange.xforce.ibmcloud.com/vulnerabilities/89653 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Cisco WebEx Training Center allows remote attackers to discover session numbers, and bypass host approval for audio-conference attendance, by reading HTML source code, aka Bug ID CSCul57126. Cisco WebEx Training Center permite a atacantes remotos descubrir números de sesión, y evadir la aprobación de host para asistencias de audio-conference, mediante la lectura de código fuente HTML, también conocido como Bug ID CSCul57126. • http://osvdb.org/100914 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6972 http://tools.cisco.com/security/center/viewAlert.x?alertId=32145 http://www.securityfocus.com/bid/64282 http://www.securitytracker.com/id/1029492 https://exchange.xforce.ibmcloud.com/vulnerabilities/89652 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in the registration component in Cisco WebEx Training Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36207. Vulnerabilidad de XSS en el componente de registro en Cisco WebEx Training Center permite a atacantes remotos inyectar script web o HTML arbitrario a través de una URL manipulada, también conocido como Bug ID CSCul36207. • http://osvdb.org/100907 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6963 http://www.securityfocus.com/bid/64277 http://www.securitytracker.com/id/1029492 https://exchange.xforce.ibmcloud.com/vulnerabilities/89695 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

The training-registration page in Cisco WebEx Training Center allows remote attackers to modify unspecified fields via unknown vectors, aka Bug ID CSCul35990. La página training-registration en Cisco WebEx Training Center permite a atacantes remotos modificar campos no especificados a través de vectores desconocidos, también conocido como Bug ID CSCul35990. • http://osvdb.org/101003 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6969 http://www.securityfocus.com/bid/64305 https://exchange.xforce.ibmcloud.com/vulnerabilities/89684 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

The registration component in Cisco WebEx Training Center provides the training-session URL before e-mail confirmation is completed, which allows remote attackers to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul36183. El componente de registro en Cisco WebEx Training Center proporciona la URL de sesión antes de que se complete la confirmación por e-mail, lo que permite a atacantes remotos evitar las restricciones de acceso previstos y unirse a una conferencia de audio mediante la introducción de campos de credenciales de esta URL, también conocido como Bug ID CSCul36183. • http://osvdb.org/100911 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6965 http://tools.cisco.com/security/center/viewAlert.x?alertId=32157 http://www.securityfocus.com/bid/64281 http://www.securitytracker.com/id/1029492 https://exchange.xforce.ibmcloud.com/vulnerabilities/89691 • CWE-264: Permissions, Privileges, and Access Controls •