CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6965
https://notcve.org/view.php?id=CVE-2013-6965
The registration component in Cisco WebEx Training Center provides the training-session URL before e-mail confirmation is completed, which allows remote attackers to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul36183. El componente de registro en Cisco WebEx Training Center proporciona la URL de sesión antes de que se complete la confirmación por e-mail, lo que permite a atacantes remotos evitar las restricciones de acceso previstos y unirse a una conferencia de audio mediante la introducción de campos de credenciales de esta URL, también conocido como Bug ID CSCul36183. • http://osvdb.org/100911 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6965 http://tools.cisco.com/security/center/viewAlert.x?alertId=32157 http://www.securityfocus.com/bid/64281 http://www.securitytracker.com/id/1029492 https://exchange.xforce.ibmcloud.com/vulnerabilities/89691 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6711
https://notcve.org/view.php?id=CVE-2013-6711
Cross-site scripting (XSS) vulnerability in the product-creation administrative page in Cisco WebEx Sales Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul25540. Cross-site scripting (XSS) en la página de administración de creación de producto en Cisco WebEx Sales Center permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de una URL manipulada, también conocido como Bug ID CSCul25540. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6711 http://tools.cisco.com/security/center/viewAlert.x?alertId=32156 http://www.securitytracker.com/id/1029493 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6959
https://notcve.org/view.php?id=CVE-2013-6959
Open redirect vulnerability in Cisco WebEx Sales Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul25557. Vulnerabilidad de redirección abierta en Cisco WebEx Sales Center permite a atacantes remotos redirigir usuarios a sitios web de forma arbitraria y conducir ataques phishing a través de vectores no especificados, tambien conocido como Bug ID CSCul25557. • http://osvdb.org/100901 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6959 http://tools.cisco.com/security/center/viewAlert.x?alertId=32155 http://www.securitytracker.com/id/1029493 https://exchange.xforce.ibmcloud.com/vulnerabilities/89698 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6962
https://notcve.org/view.php?id=CVE-2013-6962
Cross-site scripting (XSS) vulnerability in the mobile-browser subsystem in Cisco WebEx Meeting Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36228. Vulnerabilidad de XSS en el subsistema mobile-browser de Cisco WebEx Meeting Center permite a atacantes remotos inyectar script o HTML arbitrario a través de una URL manipulada, también conocido como Bug ID CSCul36228. • http://osvdb.org/100906 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6962 http://www.securityfocus.com/bid/64275 http://www.securitytracker.com/id/1029494 https://exchange.xforce.ibmcloud.com/vulnerabilities/89694 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6968
https://notcve.org/view.php?id=CVE-2013-6968
Cisco WebEx Training Center provides different error messages for registration attempts depending on whether the e-mail address exists, which allows remote attackers to enumerate attendees via a series of requests, aka Bug ID CSCul36003. Cisco WebEx Training Center proporciona diferentes mensajes de error en intentos de registro dependiendo si la dirección de e-mail existe, lo que permite a atacantes remotos enumerar asistentes a través de una serie de peticiones, también conocido como Bug ID CSCul36003. • http://osvdb.org/100913 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6968 http://tools.cisco.com/security/center/viewAlert.x?alertId=32147 http://www.securitytracker.com/id/1029492 https://exchange.xforce.ibmcloud.com/vulnerabilities/89688 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •