How severe is CVE-2021-1420?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2021-1420?

This is classified as CWE-80, which is a common weakness in software security.

CVE-2021-1420 - MEDIUM Severity | CVSS 4.7

Vulnerability Description

A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated, remote attacker to modify a web page in the context of a user's browser. The vulnerability is due to improper checks on parameter values in affected pages. An attacker could exploit this vulnerability by persuading a user to follow a crafted link that is designed to pass HTML code into an affected parameter. A successful exploit could allow the attacker to alter the contents of a web page to redirect the user to potentially malicious websites, or the attacker could use this vulnerability to conduct further client-side attacks.

Related Vulnerabilities

CVE-2023-24496

MEDIUM

CVSS:4.7(Medium)

Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code i...

CWE-802023

CVE-2023-24497

MEDIUM

CVSS:4.7(Medium)

CWE-802023

CVE-2024-25690

MEDIUM

CVSS:4.7(Medium)

There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.1 and below that may allow a remote, unauthenticated attacker to create a crafted link which when clicked could render ar...

CWE-802024

CVE-2017-20098

MEDIUM

CVSS:4.8(Medium)

A vulnerability was found in Admin Custom Login Plugin 2.4.5.2. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting (Persistent...

CWE-802017

CVE-2019-18944

MEDIUM

CVSS:4.8(Medium)

Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS.

CWE-802019

CVE-2020-5267

MEDIUM

CVSS:4.8(Medium)

In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be...

CWE-802020