Skip to main content

Cisco Webex App

1 CVEs product

Monthly

CVE-2026-20178 MEDIUM This Month

Open redirect in the browser-based Cisco Webex App allowed unauthenticated remote attackers to redirect users to attacker-controlled websites by crafting malicious URLs with manipulated parameters. The vulnerability (CWE-601) stems from improper input validation of URL parameters in HTTP requests and scores CVSS 4.3 Medium (AV:N/AC:L/PR:N/UI:R). Cisco has fully remediated this server-side with no customer action required; no public exploit or CISA KEV listing exists at time of analysis.

Cisco Open Redirect Cisco Webex App
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
EPSS 0% CVSS 4.3
MEDIUM This Month

Open redirect in the browser-based Cisco Webex App allowed unauthenticated remote attackers to redirect users to attacker-controlled websites by crafting malicious URLs with manipulated parameters. The vulnerability (CWE-601) stems from improper input validation of URL parameters in HTTP requests and scores CVSS 4.3 Medium (AV:N/AC:L/PR:N/UI:R). Cisco has fully remediated this server-side with no customer action required; no public exploit or CISA KEV listing exists at time of analysis.

Cisco Open Redirect Cisco Webex App
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy