CVE-2022-20654

Name of the Vulnerable Software and Affected Versions Cisco Webex Meetings (affected versions not specified)

Description The issue exists due to insufficient validation of user-supplied input by the web-based interface of Cisco Webex Meetings. An attacker could exploit this by persuading a user to click a maliciously crafted link, potentially allowing the execution of arbitrary script code in the context of the affected interface or access to sensitive, browser-based information. This could enable the attacker to disclose protected information, modify the appearance of the web page, or conduct phishing and drive-by download attacks.

Recommendations For all affected versions of Cisco Webex Meetings, update to the latest software version released by Cisco, as it addresses this vulnerability. At the moment, there is no information about additional mitigation measures or workarounds that address this vulnerability.