cvedb.io
CVE-2023-20096
MEDIUM · CVSS 5.4
EPSS exploitation probability: 0%
Published 2023-04-05T19:15:07.840 · Last modified 2026-06-17T05:29:28.210

Summary

A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack. This vulnerability is due to insufficient input validation of user-supplied data. An attacker could exploit this vulnerability by entering crafted text into various input fields within the web-based management interface. A successful exploit could allow the attacker to perform a stored XSS attack, which could allow the execution of scripts within the context of other users of the interface.

Affected products

cisco — unified_contact_center_express

Does this affect you?

Add your gear to cvedb and we'll alert you only when cisco ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.