CVE-2018-15461

Name of the Vulnerable Software and Affected Versions Cisco Webex Business Suite (affected versions not specified)

Description The issue is related to insufficient validation of user-supplied input in the MyWebex component, allowing an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. An attacker could exploit this by convincing a user to click a crafted URL, potentially directing the user to a malicious site. The attacker may use misleading language or instructions to persuade the user to follow the provided link.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.