CVE-2026-20117 | Cisco Unified Contact Center Express up to UCCX 15.0.1 Web-based Management Interface cross site scripting (cisco-sa-cc-xss-MrNAH5Jh)

Inserito da Angelo Barbosa | Mar 11, 2026 | CVE

A vulnerability has been found in Cisco Unified Contact Center Express and classified as problematic. This affects an unknown function of the component Web-based Management Interface. This manipulation causes cross site scripting.

The identification of this vulnerability is CVE-2026-20117. It is possible to initiate the attack remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2026-20117 | Cisco Unified Contact Center Express up to UCCX 15.0.1 Web-based Management Interface cross site scripting (cisco-sa-cc-xss-MrNAH5Jh)

Post correlati

CVE-2023-7146 | gopeak MasterLab up to 3.3.10 HTTP POST Request Feature.php sqlInjectDelete phone sql injection

CVE-2026-21656 | Johnson Controls Frick Controls Quantum HD up to 10.22 code injection (icsa-26-057-01)

CVE-2023-48122 | Microweber 2.0.1/2.0.2/2.0.3 HTTP GET Request information disclosure (Issue 1042)

CVE-2025-14083 | Keycloak Admin REST API information disclosure