CVE-2025-20166 | Cisco Common Services Platform Collector Software 2.11/2.11.0.1/2.11.0.2/2.11.0.3/30.1.1-0 Interface cross site scripting (cisco-sa-cspc-xss-CDOJZyH)

Inserito da Angelo Barbosa | Gen 8, 2025 | CVE

A vulnerability classified as problematic was found in Cisco Common Services Platform Collector Software 2.11/2.11.0.1/2.11.0.2/2.11.0.3/30.1.1-0. Affected by this vulnerability is an unknown functionality of the component Interface. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2025-20166. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-20166 | Cisco Common Services Platform Collector Software 2.11/2.11.0.1/2.11.0.2/2.11.0.3/30.1.1-0 Interface cross site scripting (cisco-sa-cspc-xss-CDOJZyH)

Post correlati

CVE-2024-2843 | WooCommerce Customers Manager Plugin up to 30.0 on WordPress cross-site request forgery

CVE-2024-52049 | Trend Micro Apex One/Apex One as a Service LogServer link following

CVE-2024-36389 | MileSight DeviceHub random values

CVE-2024-10177 | markkinchin Beds24 Online Booking Plugin up to 2.0.26 on WordPress Shortcode beds24-link cross site scripting