CVE-2026-20170
Cross-Site Scripting in Cisco Webex Contact Center Desktop Agent
Publication date: 2026-04-15
Last updated on: 2026-04-15
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | webex_contact_center | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-80 | The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters such as "<", ">", and "&" that could be interpreted as web-scripting elements when they are sent to a downstream component that processes web pages. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-20170 is a medium-severity cross-site scripting (XSS) vulnerability affecting the Desktop Agent functionality of the cloud-based Cisco Webex Contact Center.
The vulnerability exists because HTML and script content were not properly handled, allowing an unauthenticated, remote attacker to execute XSS attacks by convincing a user to click a malicious link.
Successful exploitation could enable the attacker to steal sensitive information from the browser, including authentication tokens and session data.
How can this vulnerability impact me? :
If exploited, this vulnerability could allow an attacker to steal sensitive browser information such as authentication tokens and session data.
This could lead to unauthorized access to user accounts or sessions within the Cisco Webex Contact Center environment.
However, exploitation requires user interaction, specifically the user clicking on a malicious link.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a cross-site scripting (XSS) issue in the Desktop Agent functionality of Cisco Webex Contact Center that requires user interaction via a malicious link. There are no specific detection commands or network signatures provided to identify exploitation attempts.
Since the vulnerability involves persuading a user to click a malicious link leading to script execution in the browser, detection would primarily rely on monitoring user activity and suspicious URLs rather than network or system commands.
Cisco has not provided any detection tools or commands for this vulnerability, and no public exploitation reports exist.
What immediate steps should I take to mitigate this vulnerability?
Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action or software updates are needed.
There are no available workarounds, and since the service is cloud-based, mitigation is handled by Cisco.
If further assistance is needed, customers are advised to contact Cisco TAC.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.