Security Fix Announced For Cisco Web Conferencing
|
Posted by Ken Molay
|
Cisco released a security patch today for its Unified Meeting Place web conferencing software. The problem was reported on security site Secunia.com as an opportunity for a "malicious user" (love that phrase!) to embed nasty HTML into the first name and last name parameters that are passed as part of a long login URL. This is known as cross-site scripting (XSS).
Cisco has a nice information page set up as public information and response to the threat. They recommend applying a hotfix (patch) to the software, but the fix is not available on the page. I assume it can be referenced from the internal bug report accessible by registered users of the product.
Other posts by Ken Molay
- 45 Minutes Is The New Hour In Web Conferencing
- Stop Speaking For Free
- Your Web Conferencing Bits May Be Limited
- Friday Fun: Is The Presentation Ready Yet?
- Summary Of Web Conferencing Vendors Available
- Webinar Gets Terminology Approval in NY Times
- Webinar Is Not A Marketing Term
- Registering For A Webinar Recording
- Webinars - A Waste Of Time?
- LearningWare Posts Webinar Survey Results
Recent posts
Featured posts
Subscribe to or syndicate WebinarWire
Search EventSpan.com for upcoming or recorded online events:
Webinar Wire is part of the EventSpan publishing network.