Cisco WebEx Social (formerly Cisco Quad)

CPE Details

Cisco WebEx Social (formerly Cisco Quad)
cisco
webex_social
-
2013-01-18
17h13 +00:00
2013-01-18
21h49 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cisco:webex_social:-:*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

webex_social

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2013-3392 2013-06-21 21h00 +00:00 Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco WebEx Social allow remote attackers to hijack the authentication of arbitrary users via unspecified vectors, aka Bug IDs CSCuh10405 and CSCuh10355.
4.3
CVE-2013-1244 2013-05-16 01h00 +00:00 Cross-site scripting (XSS) vulnerability in the portal module in Cisco WebEx Social allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL in the link field in a post, aka Bug ID CSCue67199.
3.5
CVE-2013-1245 2013-05-16 01h00 +00:00 The user-management page in Cisco WebEx Social relies on client-side validation of values in the Screen Name, First Name, Middle Name, Last Name, Email Address, and Job Title fields, which allows remote authenticated users to bypass intended access restrictions via crafted requests, aka Bug ID CSCue67190.
4
CVE-2013-1107 2013-02-06 11h00 +00:00 The search function in Cisco Webex Social (formerly Cisco Quad) allows remote authenticated users to read files via unspecified parameters, aka Bug ID CSCud40235.
4
CVE-2012-6397 2013-01-17 15h00 +00:00 Cross-site scripting (XSS) vulnerability in Cisco WebEx Social (formerly Cisco Quad) allows remote attackers to inject arbitrary web script or HTML via a crafted RSS service link, aka Bug ID CSCub61977.
4.3
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.