CNNVD-202509-3820 Information

CNNVD ID

CNNVD-202509-3820

Related CVE

CVE-2025-20240

• CNNVD Published: 2025-09-24

Description (Chinese)

Cisco IOS XE Software是美国思科（Cisco）公司的一种网络操作系统。 Cisco IOS XE Software存在安全漏洞，该漏洞源于用户输入清理不当，可能导致反射型跨站脚本攻击。

Description (English)

Cisco IOS XE Software is a network operating system of Cisco. Cisco IOS XE Software had a security loophole, which stemmed from inappropriate user input clean-up and could lead to a reflective cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Citadel

Published

2025-09-24

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-xss-VWyDgjOU https://access.redhat.com/security/cve/cve-2025-20240

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-xss-VWyDgjOU