7 matches found
CVE-2026-20117
CVE-2026-20117 affects Cisco Unified Contact Center Express (Unified CCX) via the web-based management interface. The root cause is insufficient validation of user-supplied input, enabling an unauthenticated, remote attacker to perform cross-site scripting (XSS) by injecting malicious code into c...
Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Finesse, Cisco Packaged Contact Center Enterprise Packaged CCE, Cisco Unified Contact Center Enterprise Unified CCE, Cisco Unified Contact Center Express Unified CCX, and Cisco Unified Intelligence Center could allow an...
CVE-2026-20055
Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise Packaged CCE and Cisco Unified Contact Center Enterprise Unified CCE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-base...
CVE-2026-20055 Cisco Packaged Contact Center Enterprise & Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerability
Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise Packaged CCE and Cisco Unified Contact Center Enterprise Unified CCE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-base...
CVE-2025-20375
A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files. This vulnerability is due to an insufficient input validation associated to specific UI features. An attacker could exploit this vulnerability by uploading a...
CVE-2025-20358 Cisco Unified Contact Center Express Editor Authentication Bypass Vulnerability
A vulnerability in the Contact Center Express CCX Editor application of Cisco Unified CCX could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative permissions pertaining to script creation and execution. This vulnerability is due to improper authenticatio...
Cisco Unified Contact Center Enterprise Information Disclosure Vulnerability (CNVD-2017-08798)
Cisco Unified Contact Center Enterprise UCCE is a set of IP-based contact center components from Cisco. It provides intelligent contact routing, call processing, network-to-desktop computer telephony integration CTI, and multi-channel contact management capabilities over an IP infrastructure. A...