THREATOPS
THREAT OPSThreat News › Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities

Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities

lowcisco_psirtPublished 2026-05-05

<p>Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.&nbsp;</p> <p>These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker cou

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-42tgsdMG?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Stored%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1