Vulnslist

find the latest Cisco vulnerabilities

Cisco Webex Services Cross-Site Scripting Vulnerabilities

cisco-sa-webex-xss-7teQtFn8 · Medium · Published · Updated

Multiple vulnerabilities in Cisco Webex could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. These vulnerabilities are due to improper filtering of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user to follow a malicious link. A successful exploit could allow the attacker to conduct a cross-site scripting attack against the targeted user. Cisco has addressed these vulnerabilities in the service, and no customer action is necessary to update on-premises software or devices. There are no workarounds that address the vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-xss-7teQtFn8

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address these vulnerabilities.

CVEsCVE-2025-20246, CVE-2025-20247, CVE-2025-20250
Cisco Bug IDsCSCwo64686, CSCwo64795, CSCwo64799
CVSS ScoreBase 6.1
Base 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco Webex Meetings

CSAF Product Statuses

Product Status Source CVE Rows
Cisco Webex Meetings known_affected cisco_csaf CVE-2025-20246, CVE-2025-20247, CVE-2025-20250 3

Related Products

Product CVE Evidence
Cisco Webex Meetings CVE-2025-20246 Cisco OpenVuln
Cisco Webex Meetings CVE-2025-20247 Cisco OpenVuln
Cisco Webex Meetings CVE-2025-20250 Cisco OpenVuln