Axel Flamcourt

#15791of 53,635
17.1Total CVSS
Vulnerabilities · 3
Medium
3
PT-2025-35811
5.5
2025-09-03
Cisco · Cisco Webex Meetings · CVE-2025-20328
**Name of the Vulnerable Software and Affected Versions** Cisco Webex Meetings (affected versions not specified) **Description** A vulnerability exists in the user profile component of Cisco Webex Meetings that could allow an authenticated, remote attacker with low privileges to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The issue is due to insufficient validation of user-supplied input to the user profile component. An attacker could exploit this by persuading a user to click a crafted link, potentially leading to an XSS attack against the targeted user. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-3986
5.5
2022-08-03
Cisco · Cisco Webex Meetings · CVE-2022-20820
**Name of the Vulnerable Software and Affected Versions** Cisco Webex Meetings (affected versions not specified) **Description** The issue exists due to insufficient protection of the web page structure in the web interface of Cisco Webex Meetings. This could allow a remote attacker to conduct a cross-site scripting (XSS) attack. Additionally, there is a risk of a frame hijacking attack against a user of the web interface. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2021-15245
6.1
2021-01-21
Unknown · Revive Adserver · CVE-2021-22872
**Name of the Vulnerable Software and Affected Versions** Revive Adserver versions prior to 5.1.0 **Description** The issue is related to a reflected cross-site scripting (XSS) vulnerability. This vulnerability can be exploited via the afr.php delivery script, which is publicly accessible. Although this issue was previously addressed in modern browsers, some older browsers, such as IE10, that do not automatically URL encode parameters are still vulnerable. **Recommendations** For versions prior to 5.1.0, update to version 5.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the afr.php delivery script until a patch is applied. Avoid using older browsers that do not automatically URL encode parameters to minimize the risk of exploitation.