CVE-2020-26067

Name of the Vulnerable Software and Affected Versions Cisco Webex Teams (affected versions not specified)

Description A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated, remote attacker to conduct cross-site scripting attacks. The issue is due to improper validation of usernames, allowing an attacker to create an account with malicious HTML or script content and join a space using the malicious account name. This could enable the attacker to conduct cross-site scripting attacks and potentially gain access to sensitive browser-based information.

Recommendations For all affected versions, update to the latest software version released by Cisco, as it addresses this vulnerability. At the moment, there is no information about additional mitigation measures or workarounds that address this vulnerability.