A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform could allow an authenticated, remote attacker

APPLICATION

CISCO

02-07-2025 14:41

CVE-2025-20307 Vulnerabilidad documentada

4.8 MEDIUM

Tags

#xss

#site

#exploit

#cross

#web

#form

#cross-site

#admin

#cisco

#application

#vulnerability

#browser

#cross-site scripting

#affected

#authenticated

#arbitrary

#scripting

#remote

#malicious

#inject

#execute

#allow

#attack

#access

#affect

Descripción

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user interface. This is due insufficient validation user-supplied input by affected system. An exploit this injecting malicious code into specific pages interface. A successful execute arbitrary script context or access sensitive, browser-based information. To vulnerability, must have valid administrative credentials.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-broadworks-xss-O696ymRA

Referencia

Link externo

Ver detalles

Fuente

https://nvd.nist.gov/vuln/detail/CVE-2025-20307

Resultados similares

Coincidentes en almenos en 50% de los tags

02-07-2025 CVE-2025-20309
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communic...
Ver información

02-07-2025 CVE-2025-20310
A vulnerability in the web UI of Cisco Enterprise Chat and Email (ECE) could allow an unauthent...
Ver información