The user-management page in Cisco WebEx Social relies on client-side validation of values in the Screen Name, First Name, Middle Name, Last Name, Email Address, and Job Title fields, which allows remote authenticated users to bypass intended access restrictions via crafted requests, aka Bug ID CSCue67190.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1245 | Vendor Advisory |
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1245 | Vendor Advisory |
Configurations
History
21 Nov 2024, 01:49
Type | Values Removed | Values Added |
---|---|---|
References | () http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1245 - Vendor Advisory |
Information
Published : 2013-05-16 03:36
Updated : 2024-11-21 01:49
NVD link : CVE-2013-1245
Mitre link : CVE-2013-1245
CVE.ORG link : CVE-2013-1245
JSON object : View
Products Affected
cisco
- webex_social
CWE
CWE-20
Improper Input Validation