CVE-2025-20279 – Cisco Unified CCX Stored XSS Vulnerability

June 4, 2025

CVE ID : CVE-2025-20279

Published : June 4, 2025, 5:15 p.m. | 2 hours, 21 minutes ago

Description : A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to conduct a stored XSS attack on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials.

This vulnerability is due to improper sanitization of user input to the web-based management interface. An attacker could exploit this vulnerability by submitting a malicious script through the interface. A successful exploit could allow the attacker to conduct a stored XSS attack on the affected system.

Severity: 4.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-20286 – “Cisco ISE Cloud Credential Exposure Vulnerability”

Next Article CVE-2025-20278 – “Cisco Unified Communications Command Injection Vulnerability”

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

In MCP era API discoverability is now more important than ever

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

Multiple reports suggest a Persona 4 Remake from Atlus will be announced during the Xbox Games Showcase

TC39 advances numerous proposals at latest meeting

TC39 advances numerous proposals at latest meeting

TypeBridge – zero ceremony, compile time rpc for client and server com

Simplify Cloud-Native Development with Quarkus Extensions

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

CVE-2025-20279 – Cisco Unified CCX Stored XSS Vulnerability

Leadership, Trust, and Cyber Hygiene: NCSC’s Guide to Security Culture in Action

CVE-2025-4318 Critical RCE in AWS Amplify Codegen UI

CVE-2025-29529 – ITC Systems Multiplan/Matrix OneCard SQL Injection

The 25 best Black Friday robot vacuum deals 2024: Early sales live now

ScyllaDB 6.0 debuts with new replication architecture for greater elasticity

The A24 Elden Ring movie is real and has a director, but I have no idea how it’s going to work

Spike Testing Tutorial: Mastering Performance Under Extreme Loads

Exploring the Essential Types of Enterprise Software for Modern Businesses

O1-Pruner: Streamlining Long-Thought Reasoning in Language Models

Audio-Technica is turning the tables with new earbuds offering 65 hours of playback

CVE-2025-20279 – Cisco Unified CCX Stored XSS Vulnerability

Related Posts