Cross-Site Scripting Vulnerability in Cisco TelePresence Management Suite
CVE-2025-20208
5.4MEDIUM
What is CVE-2025-20208?
A vulnerability exists in the web-based management interface of Cisco TelePresence Management Suite, allowing low-privileged remote attackers to launch cross-site scripting (XSS) attacks. This issue stems from insufficient input validation within the interface. By injecting malicious data into a specific field, an attacker may execute arbitrary script code or access sensitive browser-based information, compromising user security.
Affected Version(s)
Cisco TelePresence Management Suite (TMS) TMS_15.13.6