CVE-2025-20303 | Cisco Identity Services Engine Software up to 3.4.0 Web-based Management Interface cross site scripting (cisco-sa-ise-multiple-vulns-O9BESWJH)

Inserito da Angelo Barbosa | Nov 5, 2025 | CVE

A vulnerability labeled as problematic has been found in Cisco Identity Services Engine Software. Impacted is an unknown function of the component Web-based Management Interface. Such manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-20303. The attack can be launched remotely. No exploit exists.

The affected component should be upgraded.

CVE-2025-20303 | Cisco Identity Services Engine Software up to 3.4.0 Web-based Management Interface cross site scripting (cisco-sa-ise-multiple-vulns-O9BESWJH)

Post correlati

CVE-2024-7187 | TOTOLINK A3600R 4.1.2cu.5182_B20201102 /cgi-bin/cstecgi.cgi UploadCustomModule File buffer overflow

CVE-2024-12505 | Trackserver Plugin up to 5.0.2 on WordPress cross site scripting

CVE-2023-51070 | QStar Archive Solutions 3-0 Build 7 Patch 0 SMB Setting access control

CVE-2022-48464 | Unisoc S8000 Wifi Service out-of-bounds write