CNNVD-202509-261 Information

CNNVD ID

CNNVD-202509-261

Related CVE

CVE-2025-20280

• CNNVD Published: 2025-09-03

Description (Chinese)

Cisco Evolved Programmable Network Manager和Cisco Prime Infrastructure都是美国思科（Cisco）公司的产品。Cisco Evolved Programmable Network Manager是一套网络管理解决方案。Cisco Prime Infrastructure是一个应用软件。用于简化无线和有线网络的管理。 Cisco Evolved Programmable Network Manager和Cisco Prime Infrastructure存在跨站脚本漏洞，该漏洞源于对用户输入验证不当，可能导致存储型跨站脚本攻击。

Description (English)

Cisco Evolved Programable Network Manager and Cisco Prime Infrastrucure are all Cisco products. Cisco Evolved Programme Network Manager is a web-based management solution. Cisco Prime Infrastructure is an application. To simplify the management of wireless and cable networks. Cisco Evolved Programable Network Manager and Cisco Prime Infrastructure have a cross-site script loophole, which results from inappropriate validation of user input and may lead to storage-type cross-site script attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Citadel

Published

2025-09-03

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-pi-stored-xss-XjQZsyCP

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-pi-stored-xss-XjQZsyCP