CVE-2023-20120 Information

Description

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance formerly Cisco Web Security Appliance (WSA) could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities see the Details section of this advisory.

Reference

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-cP9DuEmq