CVE-2026-20149
Received Received - Intake
Cross-Site Scripting in Cisco Webex via Improper Input Filtering

Publication date: 2026-03-04

Last updated on: 2026-03-09

Assigner: Cisco Systems, Inc.

Description
A vulnerability in Cisco Webex could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Cisco has addressed this vulnerability, and no customer action is needed. This vulnerability was due to improper filtering of user-supplied input. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by persuading a user to follow a malicious link. A successful exploit could have allowed the attacker to conduct an XSS attack against the targeted user.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-04
Last Modified
2026-03-09
Generated
2026-06-16
AI Q&A
2026-03-04
EPSS Evaluated
2026-06-15
NVD
CVE-2026-20149
EUVD
EUVD-2026-9473
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
cisco webex *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Detection Guidance

This vulnerability is in the cloud-based Cisco Webex service and involves a cross-site scripting (XSS) attack via malicious links. Detection would typically involve monitoring for suspicious URLs or user reports of unexpected script execution in Webex sessions.

However, there are no specific detection commands or tools provided for identifying this vulnerability on your network or system.

Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-20149 is a medium-severity cross-site scripting (XSS) vulnerability in Cisco Webex Services. It occurs because the service improperly filters user-supplied input, allowing an unauthenticated remote attacker to trick a user into clicking a malicious link.'}, {'type': 'paragraph', 'content': "If exploited, the attacker could execute arbitrary scripts within the context of the targeted user's browser session, potentially compromising the user's interaction with the Webex service."}] [1]

Impact Analysis

[{'type': 'paragraph', 'content': "This vulnerability could allow an attacker to perform cross-site scripting attacks by persuading a user to click a malicious link, leading to the execution of arbitrary scripts in the user's browser."}, {'type': 'paragraph', 'content': "Such an attack could impact the confidentiality and integrity of the user's data within the Webex session, although it does not affect availability."}, {'type': 'paragraph', 'content': 'However, Cisco has addressed this vulnerability in the Webex cloud service, and no customer action or software updates are required.'}] [1]

Compliance Impact

I don't know

Mitigation Strategies

Cisco has addressed this vulnerability in the Webex cloud service, and no customer action or software updates are required for on-premises devices.

There are no available workarounds to mitigate this issue, and Cisco PSIRT is not aware of any public exploitation or malicious use of this vulnerability.

If further assistance is needed, customers are advised to contact Cisco Technical Assistance Center (TAC) or their maintenance providers.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20149. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart