Medium5.4Cisco Updated
Cisco Slido Insecure Direct Object Reference Vulnerability
cisco-sa-slido-idor-CpsFmKxN Published May 6, 2026Updated by vendor May 6, 2026
CVE-2026-20219
Affected products & platforms
CiscoUnified CommunicationsWebex
Summary
A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affect quiz and poll results. Cisco has addressed this vulnerability in Cisco Slido and no customer action is needed.
Affected versions
- Scope: This vulnerability affects Cisco Slido, which is cloud based.
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Mitigation checklist
Temporary workarounds
- There are no workarounds that address this vulnerability.
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.