CVE-2025-20273 – Cisco Unified Intelligent Contact Management Enterprise Cross-Site Scripting Vulnerability

June 4, 2025

CVE ID : CVE-2025-20273

Published : June 4, 2025, 5:15 p.m. | 2 hours, 21 minutes ago

Description : A vulnerability in the web-based management interface of Cisco Unified Intelligent Contact Management Enterprise could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-20278 – “Cisco Unified Communications Command Injection Vulnerability”

Next Article CVE-2025-20277 – Cisco Unified CCX Path Traversal Remote Code Execution

Highlights

CVE-2024-54189 – Parallels Desktop for Mac Root Privilege Escalation

June 3, 2025

CVE ID : CVE-2024-54189

Published : June 3, 2025, 10:15 a.m. | 1 hour, 13 minutes ago

Description : A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is taken, a root service writes to a file owned by a normal user. By using a hard link, an attacker can write to an arbitrary file, potentially leading to privilege escalation.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

Handling JavaScript Event Listeners With Parameters

ChatGPT now has an agent mode

Scrum Alliance and Kanban University partner to offer new course that teaches both methodologies

Is ChatGPT down? You’re not alone. Here’s what OpenAI is saying

I found a tablet that could replace my iPad and Kindle – and it’s worth every penny

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

Execute Ping Commands and Get Back Structured Data in PHP

Execute Ping Commands and Get Back Structured Data in PHP

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

Microsoft confirms active cyberattacks on SharePoint servers

How to Manually Check & Install Windows 11 Updates (Best Guide)

CVE-2025-20273 – Cisco Unified Intelligent Contact Management Enterprise Cross-Site Scripting Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics

µgRD – generate a custom initramfs environment

Meet Srinidhi Ranganathan: India’s ‘Human AI’ and Digital Marketing Legend

CVE-2025-32882 – GoTenna Encryption Malleability Vulnerability

April 2025 Wallpapers Edition

CVE-2024-54189 – Parallels Desktop for Mac Root Privilege Escalation

White Label App Development Guide for Startups & Agencies

CVE-2025-4735 – Campcodes Sales and Inventory System Unrestricted File Upload Vulnerability

CVE-2025-5474 – 2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability

CVE-2025-20273 – Cisco Unified Intelligent Contact Management Enterprise Cross-Site Scripting Vulnerability

Related Posts