Cert-In-Advisories

[CIVN-2026-0047] Cross-Site Scripting Vulnerability in CISCO

By Published On: January 28, 2026

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256
Cross-Site Scripting Vulnerability in CISCO 
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: MEDIUM
Systems Affected
Cisco ISE and Cisco ISE-PIC
Overview
A vulnerability has been reported in web-based management interface of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.
Target Audience: 
All IT administrators and individuals responsible for maintaining and updating in Software.
Risk Assessment:
High risk of data manipulation and service disruption.
Impact Assessment:
Potential impact on confidentiality, integrity, and availability of the system.
Description
This vulnerability exists due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface.
Successful exploitation of this vulnerability could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Solution
Apply appropriate updates as mentioned in Cisco Advisory
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-964cdxW5
Vendor Information
CISCO
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-964cdxW5
References
CISCO
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-964cdxW5
CVE Name
CVE-2026-20047
– —
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAml6IkoACgkQ3jCgcSdc
ys/BNhAAoPuzcfURXegpcJAz8wXpEWW9t1dKFTEBP3PzoECDBKEgNUmQAtDt0lm2
CbtdMXTqgn0BBbIpNJDWkJ+SGf68VmFD8U+PdwV2PkNzfHFhmKsmC7Wod+QvkL7B
XhaxM9uC7O/6RNgOv6MEybp8nI86yAFdg1Crnmj5R2skGQf4dL6acwc6SeNadI/z
oGiwxf5JEnv9jgZ9ZeFyQSYHviV+TBHMTi2O9rXresZMkclKBlCH02fZA1sxyy+c
ymq9klLaco+esgsu8o28s3kDyQl+StN6qsFEd6qZXoxR8b+MbqI3/xIgaIIL/ItI
kw53aNCpPbRyfDiz9L9XAJRwz746MfesD9G2omCpgAbxn0KK/paw+Ggeh+GUpwUt
Rw9zOYHX5l/0D6aR4BvHQXRC/mqAuMmCfWCr22SJXWMxbuBOoVkaXze0h/IdnnIR
Gc/6Blt7MRx8KicHdsyYqoNYExNLXwjMZxwmUCVYQrx76M2bpycvxaoTK37tcGt8
GSADReXcU4pPFnBNBro5llzMNCHbWoGyb1QiWNiBW+fkY4SBA3QkDeQqmkF+eFxA
hY0h09S1t1tRlyW3i08PvyxzHmY5ZvUD1bSj3qiMGNJxfpzrxjrmYadmudT7waim
sZx/kEpXNFmsWNSA3w0+lEGgCvNKtiyDMIBq6VgRCaok5MjP7+8=
=dfoS
—–END PGP SIGNATURE—–

Share this article

Related Posts

[CIVN-2026-0062] Multiple Remote Code Execution Vulnerabilities in n8n

[CIVN-2026-0062] Multiple Remote Code Execution Vulnerabilities in n8n

January 30, 2026
[CIVN-2026-0061] Multiple Vulnerabilities in VMware products

[CIVN-2026-0061] Multiple Vulnerabilities in VMware products

January 30, 2026
[CIVN-2026-0060] Multiple Vulnerabilities in SolarWinds

[CIVN-2026-0060] Multiple Vulnerabilities in SolarWinds

January 30, 2026
Total Views: 44|Daily Views: 2
Follow us :

Categories

Archives

Join our team

Join us today latest article updates!