THREATOPS
THREAT OPSThreat News › Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities

Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities

lowcisco_psirtPublished 2026-04-15

<p>Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative&nbsp;<em>write </em>privileges to conduct a stored cross-site scripting (XSS) attack or a reflected XSS attack against a user of the web-based management interface of an affected device.</p> <p>These vulnerabilities are due to i

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isexss-BS8ctE7U?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Multiple%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1