CVE-2026-20111
Unknown Unknown - Not Provided
Stored XSS in Cisco Prime Infrastructure Web Interface

Publication date: 2026-02-04

Last updated on: 2026-03-10

Assigner: Cisco Systems, Inc.

Description
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-04
Last Modified
2026-03-10
Generated
2026-06-16
AI Q&A
2026-02-04
EPSS Evaluated
2026-06-14
NVD
CVE-2026-20111
EUVD
EUVD-2026-5423
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
cisco prime_infrastructure 3.10.6
cisco prime_infrastructure to 3.9 (inc)
cisco prime_infrastructure From 3.10 (inc) to 3.10.6 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

I don't know

Detection Guidance

I don't know

Executive Summary

CVE-2026-20111 is a medium-severity stored cross-site scripting (XSS) vulnerability in the web-based management interface of Cisco Prime Infrastructure.

This vulnerability occurs because the interface does not properly validate user-supplied input, allowing an authenticated remote attacker with valid administrative credentials to inject malicious script code into specific data fields.

A successful exploit enables the attacker to execute arbitrary scripts within the context of the affected interface or access sensitive browser-based information.

Impact Analysis

If exploited, this vulnerability allows an attacker with administrative credentials to execute arbitrary script code in the context of the Cisco Prime Infrastructure web interface.

This can lead to unauthorized access to sensitive browser-based information and potentially compromise the security of the management interface.

Because the attacker must have valid administrative credentials and user interaction is required, the risk is somewhat limited but still significant.

Mitigation Strategies

To mitigate this vulnerability, Cisco strongly recommends upgrading Cisco Prime Infrastructure to release 3.10.6 Security Update 02 or later, where the vulnerability is fixed.

There are no available workarounds or mitigations other than upgrading to the fixed release.

Customers should obtain the fixed software through Cisco or authorized partners and ensure their devices meet hardware and software requirements for the upgrade.

For additional assistance, contacting Cisco Technical Assistance Center (TAC) support is advised.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20111. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart