A vulnerability marked as problematic has been reported in Cisco Webex Meetings. This affects an unknown part of the component Web-based User Interface. The manipulation leads to cross site scripting. This vulnerability is listed as CVE-2026-20233. The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.
| Vendor | Product | Versions |
|---|---|---|
| cis | webex meetings | 39.7.7, 39.9, 40.4.10, 39.6, 40.6.2, 39.8.2, 39.8.4, 40.1, 39.11, 39.7.4, 39.9.1, 40.4, 40.6, 39.7, 39.8, 39.8.3, 40.2, 39.10, 42.6, 42.7, 42.8, 42.9, 42.10, 42.11, 42.12, 43.1, 43.2, 43.3, 43.4, 43.4.1, 43.4.2, 43.5.0, 43.6.0, 43.6.1, 43.7, 43.8, 43.9, 43.10, 43.11, 43.12, 44.1, 44.2, 44.3, 44.4, 44.5, 44.6, 44.7, 44.8, 44.9, 44.10, 44.11, 44.12, 45.1, 45.2, 45.3, 45.4 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| cis | webex | cert_advisory | 90% |
Updated vendor to Cisco, severity to HIGH, marked as actively exploited, and provided a new description.
Initial creation
