CVE-2021-1517

MEDIUM Year: 2021
CVSS v3 Score
4.3
Medium
CVSS v2 Score
4.0
Medium
Weakness Type
CWE-693
View all →

Vulnerability Description

A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. This vulnerability is due to unsafe handling of shared content within the multimedia viewer feature. An attacker could exploit this vulnerability by sharing a file through the multimedia viewer feature. A successful exploit could allow the attacker to bypass security protections and prevent warning dialogs from appearing before files are offered to other users.

Related Vulnerabilities

CVE-2019-12938

MEDIUM
CVSS:4.3(Medium)

The Roundcube component of Analogic Poste.io 2.1.6 uses .htaccess to protect the logs/ folder, which is effective with the Apache HTTP Server but is ineffective with nginx. Attackers can read logs via...

CWE-6932019

CVE-2021-31608

MEDIUM
CVSS:4.3(Medium)

Proofpoint Enterprise Protection before 18.8.0 allows a Bypass of a Security Control.

CWE-6932021

CVE-2022-43432

MEDIUM
CVSS:4.3(Medium)

Jenkins XFramium Builder Plugin 1.0.22 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers f...

CWE-6932022

CVE-2022-43433

MEDIUM
CVSS:4.3(Medium)

Jenkins ScreenRecorder Plugin 0.7 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for do...

CWE-6932022

CVE-2023-0141

MEDIUM
CVSS:4.3(Medium)

Insufficient policy enforcement in CORS in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

CWE-6932023

CVE-2023-28284

MEDIUM
CVSS:4.3(Medium)

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

CWE-6932023