2 matches found
CVE-2025-20168
A vulnerability in the web-based management interface of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...
CVE-2025-20168
Cisco Common Services Platform Collector (CSPC) web-based management interface is vulnerable to cross-site scripting (XSS) due to insufficient input validation. An authenticated, remote attacker with at least a low-privilege account can inject malicious code into specific pages to execute scripts...