ZDNet

Cisco WebEx Chrome extension allowed arbitrary code execution: Project Zero

Cisco has closed a remote code execution vulnerability in its WebEx extension for Chrome, after Project Zero's Tavis Ormandy alerted the networking giant to the issue on Saturday. According to Ormandy ...
ZDNet

XSS on WebEx domains undoes previous fixes to Cisco WebEx Chrome extension

At the start of this week, Google Project Zero security researcher Tavis Ormandy made public his discovery of a remote code execution vulnerability within Cisco's WebEx extension for Chrome. In his ...
Threat Post

Cisco Patches Another Critical Ormandy Bug in WebEx Extension

Researchers Tavis Ormandy and Cris Neckar privately disclosed a critical vulnerability in Cisco’s WebEx extension for Chrome and Firefox that allows for remote code execution. Cisco has provided ...
Threat Post

Critical RCE Bug in Cisco WebEx Browser Extensions Faces ‘Ongoing Exploitation’

Users of the conferencing platform should update immediately. A critical vulnerability in Cisco WebEx browser extensions that could allow unauthenticated remote code-execution (RCE) on targeted ...
Network World

Cisco scrambling to fix a remote-code-execution problem in WebEx

Cisco’s Webex Browser Extension contain a critical bug that can open up customers’ entire computers to remote code execution attacks if the browsers visit websites containing specially crafted ...