Skip to main content

Webex Training Center CVE-2013-6963

MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2013-12-14 psirt@cisco.com
4.3
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:N/C:N/I:P/A:N
Attack Vector
Network
Attack Complexity
M
Confidentiality
None
Integrity
P
Availability
None

Lifecycle Timeline

1
CVE Published
Dec 14, 2013 - 22:55 cve.org
MEDIUM 4.3

DescriptionCVE.org

Cross-site scripting (XSS) vulnerability in the registration component in Cisco WebEx Training Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36207.

AnalysisAI

Cross-site scripting (XSS) vulnerability in the registration component in Cisco WebEx Training Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. Cross-site scripting (XSS) vulnerability in the registration component in Cisco WebEx Training Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36207. Affected products include: Cisco Webex Training Center.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.

CVE-2017-6753 HIGH
8.8 Jul 25

A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated,

CVE-2013-6710 MEDIUM
6.8 Dec 14

Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Training Center allows remote attackers to hijack the aut

CVE-2013-1109 MEDIUM
6.8 Jan 17

Cross-site request forgery (CSRF) vulnerability in testingLibraryAction.do in the Training Center testing library in Cis

CVE-2013-6966 MEDIUM
5.8 Dec 17

Open redirect vulnerability in Cisco WebEx Training Center allows remote attackers to redirect users to arbitrary web si

CVE-2013-6971 MEDIUM
5.8 Dec 14

Open redirect vulnerability in Cisco WebEx Training Center allows remote attackers to redirect users to arbitrary web si

CVE-2019-15987 MEDIUM
5.3 Nov 26

A vulnerability in web interface of the Cisco Webex Event Center, Cisco Webex Meeting Center, Cisco Webex Support Center

CVE-2013-6972 MEDIUM
5.0 Dec 14

Cisco WebEx Training Center allows remote attackers to discover session numbers, and bypass host approval for audio-conf

CVE-2013-6968 MEDIUM
5.0 Dec 14

Cisco WebEx Training Center provides different error messages for registration attempts depending on whether the e-mail

CVE-2013-6965 MEDIUM
5.0 Dec 14

The registration component in Cisco WebEx Training Center provides the training-session URL before e-mail confirmation i

CVE-2014-2199 MEDIUM
5.0 May 20

meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meeti

CVE-2013-6709 MEDIUM
5.0 Dec 14

The registration component in Cisco WebEx Training Center provides the training-session URL before payment is completed,

CVE-2013-6973 MEDIUM
4.3 Dec 14

Cisco WebEx Training Center allows remote attackers to discover registration IDs via a crafted URL, aka Bug ID CSCul5712

Share

CVE-2013-6963 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy