Cisco · Cisco Webex · CVE-2026-20149
**Name of the Vulnerable Software and Affected Versions**
Cisco Webex (affected versions not specified)
**Description**
A flaw exists in Cisco Webex that could allow a remote attacker to perform a cross-site scripting (XSS) attack without needing to authenticate. This issue stems from insufficient filtering of user-provided input. An attacker could exploit this by tricking a user into clicking a malicious link, potentially leading to an XSS attack against the user.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.