CVE-2020-27126

Name of the Vulnerable Software and Affected Versions: Cisco Webex Meetings (affected versions not specified)

Description: The issue is related to improper validation of user-supplied input to an application programmatic interface (API) within Cisco Webex Meetings, allowing an unauthenticated, remote attacker to conduct cross-site scripting attacks. An attacker could exploit this by convincing a targeted user to follow a link designed to submit malicious input to the API used by Cisco Webex Meetings. A successful exploit could allow the attacker to conduct cross-site scripting attacks and potentially gain access to sensitive browser-based information from the system of a targeted user.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.