{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T21:36:49.030","vulnerabilities":[{"cve":{"id":"CVE-2021-1221","sourceIdentifier":"psirt@cisco.com","published":"2021-02-04T17:15:14.560","lastModified":"2024-11-21T05:43:51.673","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the user interface of Cisco Webex Meetings and Cisco Webex Meetings Server Software could allow an authenticated, remote attacker to inject a hyperlink into a meeting invitation email. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by entering a URL into a field in the user interface. A successful exploit could allow the attacker to generate a Webex Meetings invitation email that contains a link to a destination of their choosing. Because this email is sent from a trusted source, the recipient may be more likely to click the link."},{"lang":"es","value":"Una vulnerabilidad en la interfaz de usuario de Cisco Webex Meetings y el software Cisco Webex Meetings Server, podría permitir a un atacante autenticado remoto inyectar un hipervínculo en un correo electrónico de invitación para una reunión. La vulnerabilidad es debido a una comprobación insuficiente de la entrada. Un atacante podría explotar esta vulnerabilidad al introducir una URL en un campo en la interfaz de usuario. Una explotación con éxito podría permitir al atacante generar un correo electrónico de invitación de Webex Meetings que contenga un enlace a un destino de su elección. Debido a que este correo electrónico se envía desde una fuente confiable, es más probable que el destinatario haga clic en el enlace"}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N","baseScore":4.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N","baseScore":4.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-74"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings:*:*:*:*:*:*:*:*","versionEndExcluding":"41.1.0","matchCriteriaId":"264B9E30-8AB4-454F-BF92-018FF6719BF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0","matchCriteriaId":"DE22BE9B-374E-43DC-BA91-E3B9699A4C7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings_server:3.0:-:*:*:*:*:*:*","matchCriteriaId":"61D1081F-87E8-4E8B-BEBD-0F239E745586"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch4:*:*:*:*:*:*","matchCriteriaId":"D36FE453-C43F-448B-8A59-668DE95468C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings_server:4.0:-:*:*:*:*:*:*","matchCriteriaId":"4D6CF856-093A-4E89-A71D-50A2887C265B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release3_security_patch3:*:*:*:*:*:*","matchCriteriaId":"EA561408-D53D-43B9-A464-A413EC2E083E"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wbx-linkinj-WWZpVqu9","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wbx-linkinj-WWZpVqu9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}