Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability A vulnerability in the web-based management interface of (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users affected system.<br><br> This exists because does not properly validate user-supplied input. An exploit this by inserting malicious code into specific data fields interface. A successful execute arbitrary script context or access sensitive, browser-based information. To vulnerability, must have valid administrative credentials.<br><br> Cisco has released software updates that address vulnerability. There are no workarounds vulnerability.<br><br> This advisory is available at following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-pi-stored-xss-XjQZsyCP">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-pi-stored-xss-XjQZsyCP</a><br><br> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20280 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-pi-stored-xss-XjQZsyCP CISCO