Improper input validation in Cisco Webex_training_center

CVE-2013-6969

The training-registration page in Cisco WebEx Training Center allows remote attackers to modify unspecified fields via unknown vectors, aka Bug ID CSCul35990.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.003 (57.6th percentile) — read the EPSS interpretation.

Affected products

Cisco Webex_training_center
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

cisco-webex-cve20136969-sec-bypass(89684) (vdb-entry, x_refsource_XF)
20131213 Cisco WebEx Training Center Training Registration Page Content Injection Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
64305 (vdb-entry, x_refsource_BID)
101003 (x_refsource_OSVDB, vdb-entry)