CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6961
https://notcve.org/view.php?id=CVE-2013-6961
Cross-site scripting (XSS) vulnerability in the Collaboration Partner Access Console (CPAC) in Cisco WebEx Meeting Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36237. Vulnerabilidad de XSS en Collaboration Partner Access Console (CPAC) de Cisco WebEx Meeting Center permite a atacantes remotos inyectar script web o HTML arbitrario a través de una URL manipulada, también conocido como Bug ID CSCul36237. • http://osvdb.org/100905 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6961 http://www.securityfocus.com/bid/64288 http://www.securitytracker.com/id/1029494 https://exchange.xforce.ibmcloud.com/vulnerabilities/89696 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2010-3270
https://notcve.org/view.php?id=CVE-2010-3270
Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote authenticated users to execute arbitrary code by providing a crafted .atp file and then disconnecting from a meeting. NOTE: since this is a site-specific issue with no expected action for consumers, it might be REJECTed. Desbordamiento de búfer basado en pila en Cisco WebEx Meeting Center T27LB anteriores a SP21 EP3 y T27LC anteriores a SP22, permite a usuarios remotos asistidos por usuarios a ejecutar código de su elección mediante un fichero .atp manipulado y desconectándolo de la conferencia. NOTA: Dado que es una cuestión exclusiva de las especificaciones del sitio sin efecto concreto para los usuarios, podría ser rechazada. • http://securitytracker.com/id?1025015 http://tools.cisco.com/security/center/viewAlert.x?alertId=22355 http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities http://www.securityfocus.com/archive/1/516095/100/0/threaded http://www.securityfocus.com/bid/46078 http://www.vupen.com/english/advisories/2011/0260 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •