Cross-Site Scripting Vulnerability in Cisco Unified Intelligent Contact Management Enterprise
CVE-2025-20273
What is CVE-2025-20273?
A vulnerability in the web-based management interface of Cisco Unified Intelligent Contact Management Enterprise allows an unauthenticated remote attacker to perform cross-site scripting (XSS) attacks. This is caused by inadequate user input validation, enabling attackers to potentially exploit the vulnerability by convincing users to click malicious links. Successful exploitation could allow arbitrary script code execution within the context of the affected interface and could lead to unauthorized access to sensitive browser data.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Cisco Unified Intelligent Contact Management Enterprise 10.5(2)_ES15
Cisco Unified Intelligent Contact Management Enterprise 10.5(1)_ES20
Cisco Unified Intelligent Contact Management Enterprise 10.5(2)_ES17
References
CVSS V3.1
Timeline
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved