CVE-2026-20088 in Enterprise NFV Infrastructure Softwareinformation

Résumé (Anglaise)

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface.

This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsable

cisco

Réserver

08/10/2025

Divulgation

01/04/2026

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

IDVulnérabilitéCWEExpConCVE
354727Cisco Enterprise NFV Infrastructure Software Web-based Management cross site scripting79Non définiCorrectif officielCVE-2026-20088

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

PrécédentAperçuSuivant

Want to stay up to date on a daily basis?

Enable the mail alert feature now!