CVE-2019-1680

Name of the Vulnerable Software and Affected Versions Cisco Webex Business Suite versions prior to 3.0.9

Description A vulnerability in Cisco Webex Business Suite exists due to improper validation of input, allowing an unauthenticated, remote attacker to inject arbitrary text into a user's browser. This can be exploited by convincing a targeted user to view a malicious URL, potentially leading to spoofing attacks.

Recommendations For versions prior to 3.0.9, update to version 3.0.9 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially malicious URLs to minimize the risk of exploitation.