CVE-2018-0276

Name of the Vulnerable Software and Affected Versions: Cisco WebEx Connect IM (affected versions not specified)

Description: A cross-site scripting (XSS) issue exists due to insufficient input validation of parameters passed to the web server. This could allow an unauthenticated, remote attacker to execute arbitrary script code in the context of the affected web interface or access sensitive browser-based information by convincing a user to follow a malicious link or intercepting a user request and injecting malicious code.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.