CVE-2025-20304 | Cisco Identity Services Engine Software up to 3.4.0 Web-based Management Interface cross site scripting (cisco-sa-ise-multiple-vulns-O9BESWJH)

Inserito da Angelo Barbosa | Nov 5, 2025 | CVE

A vulnerability marked as problematic has been reported in Cisco Identity Services Engine Software. The affected element is an unknown function of the component Web-based Management Interface. Performing manipulation results in cross site scripting.

This vulnerability was named CVE-2025-20304. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2025-20304 | Cisco Identity Services Engine Software up to 3.4.0 Web-based Management Interface cross site scripting (cisco-sa-ise-multiple-vulns-O9BESWJH)

Post correlati

CVE-2025-3496 | Auma AC1.2/MEC 03.01/PROFOX/SGx/SVx/TIGRON/TIGRON SIL Bluetooth/RS-232 Interface buffer overflow (VDE-2025-026)

CVE-2025-59456 | JetBrains TeamCity up to 2025.07.1 Project Archive Upload path traversal

CVE-2025-25952 | Serosoft Academia Student Information System EagleR 1.0.118 API Request getStudemtAllDetailsById?studentId=XX resource injection

CVE-2024-26151 | FelixSchwarz mjml-python 0.10.0 input validation