CVE-2026-20117
Cross-Site Scripting in Cisco Unified CCX Web Interface
Publication date: 2026-03-11
Last updated on: 2026-03-11
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | unified_contact_center_express | 15.0_es02 |
| cisco | finesse | 15.0(1)es202511 |
| cisco | packaged_contact_center_enterprise | * |
| cisco | unified_contact_center_enterprise | * |
| cisco | unified_intelligence_center | * |
| cisco | unified_contact_center_express | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-20117 is a cross-site scripting (XSS) vulnerability affecting the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) and related Cisco Contact Center products.
This vulnerability exists because the interface does not sufficiently validate user-supplied input, allowing an unauthenticated, remote attacker to inject malicious script code into specific pages of the interface.
A successful exploit enables the attacker to execute arbitrary scripts in the context of the affected interface or access sensitive browser-based information.
How can this vulnerability impact me? :
This vulnerability can allow an unauthenticated, remote attacker to execute arbitrary script code within the web-based management interface of affected Cisco products.
Such execution could lead to unauthorized access to sensitive browser-based information and potentially compromise the security of the management interface.
Because the attacker does not need prior authentication, the risk of exploitation is higher, potentially leading to data leakage or manipulation of the interface.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
Cisco strongly recommends upgrading to fixed software releases to remediate this vulnerability.
- Upgrade Cisco Unified Contact Center Express to version 15.0 ES02 or later.
- Verify hardware and software compatibility before performing the upgrade.
No workarounds are available for this vulnerability, so applying the fixed software release is the primary mitigation step.