CVE-2025-20279 – Cisco Unified CCX Stored XSS Vulnerability

June 4, 2025

CVE ID : CVE-2025-20279

Published : June 4, 2025, 5:15 p.m. | 2 hours, 21 minutes ago

Description : A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to conduct a stored XSS attack on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials.

This vulnerability is due to improper sanitization of user input to the web-based management interface. An attacker could exploit this vulnerability by submitting a malicious script through the interface. A successful exploit could allow the attacker to conduct a stored XSS attack on the affected system.

Severity: 4.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-20286 – “Cisco ISE Cloud Credential Exposure Vulnerability”

Next Article CVE-2025-20278 – “Cisco Unified Communications Command Injection Vulnerability”

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

In MCP era API discoverability is now more important than ever

Google’s DeepMind CEO lists 2 AGI existential risks to society keeping him up at night — but claims “today’s AI systems” don’t warrant a pause on development

Anthropic researchers say next-generation AI models will reduce humans to “meat robots” in a spectrum of crazy futures

Xbox just quietly added two of the best RPGs of all time to Game Pass

7 reasons The Division 2 is a game you should be playing in 2025

Mastering TypeScript: How Complex Should Your Types Be?

Mastering TypeScript: How Complex Should Your Types Be?

IDMC – CDI Best Practices

PWC-IDMC Migration Gaps

Google’s DeepMind CEO lists 2 AGI existential risks to society keeping him up at night — but claims “today’s AI systems” don’t warrant a pause on development

Google’s DeepMind CEO lists 2 AGI existential risks to society keeping him up at night — but claims “today’s AI systems” don’t warrant a pause on development

Anthropic researchers say next-generation AI models will reduce humans to “meat robots” in a spectrum of crazy futures

Xbox just quietly added two of the best RPGs of all time to Game Pass

CVE-2025-20279 – Cisco Unified CCX Stored XSS Vulnerability

CVE-2025-48906 – DSoftBus Authentication Bypass Vulnerability

CVE-2025-48907 – Apache IPC Deserialization Vulnerability

CERT NZ Warns of Critical Apache Tomcat Vulnerability (CVE-2025-24813) Under Active Exploitation

Understanding results of the cloud based load test in VSTS

How Rocket Companies modernized their data science solution on AWS

AlexNet, the AI model that started it all, released in source code form

ARCLE: A Reinforcement Learning Environment for Abstract Reasoning Challenges

Windows 11 now turns on OneDrive folder backup without your permission

Create and share color palette with ColorGeek made with Vue.js

A Coding Guide Implementing ScrapeGraph and Gemini AI for an Automated, Scalable, Insight-Driven Competitive Intelligence and Market Analysis Workflow

CVE-2025-20279 – Cisco Unified CCX Stored XSS Vulnerability

Related Posts