CVE Details
Basic Information
| Title |
CVE-2025-20247 |
| Type |
cve |
| Published |
2025-05-21T17:15:56 |
| Last Seen |
2025-05-21T17:24:50 |
CVSS Information
| Base Score |
6.1 (MEDIUM) |
| Attack Vector |
NETWORK |
| Attack Complexity |
LOW |
| Privileges Required |
NONE |
| User Interaction |
REQUIRED |
| Scope |
CHANGED |
| Confidentiality Impact |
LOW |
| Integrity Impact |
LOW |
| Availability Impact |
NONE |
AI Analysis
| AI Description |
A vulnerability in Cisco Webex allows remote attackers to perform cross-site scripting (XSS) attacks due to improper input filtering. Attackers can exploit this by tricking users into following malicious links, leading to potential data theft or session hijacking. |
| AI Severity |
Medium |
| Vendor |
Cisco Systems |
| Product |
Cisco Webex |
| Affected Version |
Unknown |
Additional Information
| CVE List |
CVE-2025-20247 |
| CWE List |
CWE-79 |
| Bulletin Family |
cve |
Description
A vulnerability in Cisco Webex could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack.
A vulnerability is due to improper filtering of user-supplied input. An attacker could exploit this vulnerability by persuading a user to follow a malicious link. A successful exploit could allow the attacker to conduct a cross-site scripting attack against the targeted user.
CVSS Score Summary
Base Score: %!f(string=#) (MEDIUM)
View Full CVE Details
