CVE-2025-20216 – Cisco Catalyst SD-WAN Manager Cross-Site Scripting (XSS)

May 7, 2025

CVE ID : CVE-2025-20216

Published : May 7, 2025, 6:15 p.m. | 1 hour, 20 minutes ago

Description : A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user.

This vulnerability is due to improper sanitization of input to the web interface. An attacker could exploit this vulnerability by convincing an authenticated user to click a malicious link. A successful exploit could allow the attacker to inject HTML into the browser of an authenticated Cisco Catalyst SD-WAN Manager user.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-20202 – Cisco IOS XE Wireless Controller Software CDP Neighbor Report Denial of Service Vulnerability

Next Article CVE-2025-20200 – Cisco IOS XE Software CLI Privilege Escalation Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

How to install and use Ollama to run AI LLMs on your Windows 11 PC

Community News: Latest PECL Releases (05.13.2025)

Community News: Latest PECL Releases (05.13.2025)

How We Use Epic Branches. Without Breaking Our Flow.

I think the ergonomics of generators is growing on me.

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

CVE-2025-20216 – Cisco Catalyst SD-WAN Manager Cross-Site Scripting (XSS)

CVE-2025-3769 – LatePoint WordPress Calendar Booking Plugin Insecure Direct Object Reference Vulnerability

CVE-2025-3931 – Yggdrasil DBus Unauthenticated Command Injection Vulnerability

A Shift From Browsers to Enterprise Targets: 2024 Zero-Day Exploitation Analysis

I went hands-on with Fallout 76’s Ghoul update and it’s exactly as much fun as you’d expect

Apple Vision Pro’s killer feature is finally here – and made my $3,500 investment more worth it

Salesforce Marketing Cloud Summer Release Updates â€™24

wttr.in â€“ curl the weather

Streamline Mass Insertions with Laravel’s fillAndInsert() Method

Google Chrome will finally have a built-in split screen feature

Nvidia signs largest car maker, Toyota, to use its self-driving chips

CVE-2025-20216 – Cisco Catalyst SD-WAN Manager Cross-Site Scripting (XSS)

Related Posts