THREAT OPS › Threat News › Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities
Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities
<p>Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. </p> <p>These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker cou
MITRE ATT&CK techniques
Indicators of compromise
- CVE-2025-20204cve
- CVE-2025-20205cve