CNNVD-202601-3419 Information
CNNVD ID
CNNVD-202601-3419
Related CVE
- CNNVD Published: 2026-01-21
Description (Chinese)
Cisco Unified Contact Center Enterprise和Cisco Packaged Contact Center Enterprise都是美国思科(Cisco)公司的产品。Cisco Unified Contact Center Enterprise是一个统一联络中心。Cisco Packaged Contact Center Enterprise是一个客户接触中心系统。 Cisco Unified Contact Center Enterprise和Cisco Packaged Contact Center Enterprise存在跨站脚本漏洞,该漏洞源于基于Web的管理接口未正确验证用户输入,可能导致经过身份验证的远程攻击者进行跨站脚本攻击。
Description (English)
Cisco Unified Contact Center Enterprise and Cisco Packaged Contact Center Enterprise are all Cisco products. Cisco Unified Contact Center Enterprise is a unified focal point. Cisco Packaged Contact Center Enterprise is a customer contact centre system. Cisco Unified Contractor Enterprise and Cisco Packaged Contractor Enterprise had a cross-site script loophole, which stemmed from the incorrect validation of user input from a Web-based management interface, which could lead to a cross-site attack by an identified remote assailant.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
思科
Published
2026-01-21
Last Modified
2026-02-24
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucce-pcce-xss-2JVyg3uD https://access.redhat.com/security/cve/cve-2026-20055