CVE-2025-20279 – Cisco Unified CCX Stored XSS Vulnerability

June 4, 2025

CVE ID : CVE-2025-20279

Published : June 4, 2025, 5:15 p.m. | 2 hours, 21 minutes ago

Description : A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to conduct a stored XSS attack on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials.

This vulnerability is due to improper sanitization of user input to the web-based management interface. An attacker could exploit this vulnerability by submitting a malicious script through the interface. A successful exploit could allow the attacker to conduct a stored XSS attack on the affected system.

Severity: 4.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-20286 – “Cisco ISE Cloud Credential Exposure Vulnerability”

Next Article CVE-2025-20278 – “Cisco Unified Communications Command Injection Vulnerability”

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

In MCP era API discoverability is now more important than ever

Google’s DeepMind CEO lists 2 AGI existential risks to society keeping him up at night — but claims “today’s AI systems” don’t warrant a pause on development

Anthropic researchers say next-generation AI models will reduce humans to “meat robots” in a spectrum of crazy futures

Xbox just quietly added two of the best RPGs of all time to Game Pass

7 reasons The Division 2 is a game you should be playing in 2025

Mastering TypeScript: How Complex Should Your Types Be?

Mastering TypeScript: How Complex Should Your Types Be?

IDMC – CDI Best Practices

PWC-IDMC Migration Gaps

Google’s DeepMind CEO lists 2 AGI existential risks to society keeping him up at night — but claims “today’s AI systems” don’t warrant a pause on development

Google’s DeepMind CEO lists 2 AGI existential risks to society keeping him up at night — but claims “today’s AI systems” don’t warrant a pause on development

Anthropic researchers say next-generation AI models will reduce humans to “meat robots” in a spectrum of crazy futures

Xbox just quietly added two of the best RPGs of all time to Game Pass

CVE-2025-20279 – Cisco Unified CCX Stored XSS Vulnerability

CVE-2025-48906 – DSoftBus Authentication Bypass Vulnerability

CVE-2025-48907 – Apache IPC Deserialization Vulnerability

Exploring the Default Tiling Windows Feature in Ubuntu 24.04 (and Enhancing it)

Microsoft just put this controversial Notepad feature behind a paywall

Protect Your Streaming Accounts Now Before Itâ€™s Too Late

AI Agents Are Here—So Are the Threats: Unit 42 Unveils the Top 10 AI Agent Security Risks

Have a genius business idea? These 2 AI tools can help you turn it into a reality

Smashing Security podcast #400: Hacker games, AI travel surveillance, and 25 years of IoT

8 Top Free and Open Source Clojure Web Frameworks

Command Prompt vs Windows Terminal: Which One Should You Use

CVE-2025-20279 – Cisco Unified CCX Stored XSS Vulnerability

Related Posts