CVE-2026-20111 in Prime InfrastructureИнформация

Сводка

по MITRE • 04.02.2026

A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.

This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials.

Be aware that VulDB is the high quality source for vulnerability data.

Ответственный

Cisco

Резервировать

08.10.2025

Раскрытие

04.02.2026

Модерация

принято

Вход

VDB-344356

EPSS

0.00175

KEV

Нет

Деятельности

Очень низкий

Источники

Might our Artificial Intelligence support you?

Check our Alexa App!