CVE-2026-20172
Received - Intake
Stored XSS in Cisco Enterprise Chat and Email Lite Agent

Publication date: 2026-05-06

Last updated on: 2026-05-06

Assigner: Cisco Systems, Inc.

Description
A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Agent. This vulnerability is due to inadequate validation of file contents during file upload operations. An attacker could exploit this vulnerability by uploading a file that contains malicious scripts or HTML code, which the application could make available to other users to access. A successful exploit could allow the attacker to execute the contents of that file in the browser of a user and conduct browser-based attacks. 
Meta Information
Published: 2026-05-06
Last Modified: 2026-05-06
Generated: 2026-05-07
AI Q&A: 2026-05-06
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 1 associated CPE
Vendor: cisco
Product: enterprise_chat_and_email
Version / Range: *
CWE ID: CWE-646
Description: The product allows a file to be uploaded, but it relies on the file name or extension of the file to determine the appropriate behaviors. This could be used by attackers to cause the file to be misclassified and processed in a dangerous fashion.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the Lite Agent feature of Cisco Enterprise Chat and Email (ECE). It allows an authenticated remote attacker, who has valid user credentials with at least the Agent role, to perform browser-based attacks.

The root cause is inadequate validation of file contents during file upload operations. An attacker can upload a file containing malicious scripts or HTML code. When this file is accessed by other users, the malicious content can be executed in their browsers, enabling the attacker to conduct browser-based attacks.


How can this vulnerability impact me?

If exploited, this vulnerability could allow an attacker to execute malicious scripts in the browsers of users who access the uploaded files. This could lead to unauthorized actions performed on behalf of users, potentially compromising user sessions or data integrity.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, ensure that only trusted users with valid credentials and appropriate roles (at least Agent role) can upload files. Implement strict validation and sanitization of file contents during upload operations to prevent malicious scripts or HTML code from being accepted. Additionally, monitor and restrict file upload functionality to reduce the risk of exploitation.
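One defensive pattern for the content validation and safe serving the mitigation advice above calls for, written here as an added example rather than code from Cisco ECE: the file is classified by its leading bytes instead of its name or extension (the CWE-646 weakness), files carrying markup are rejected, and stored files are served with headers that stop a browser from rendering them as a page. The accepted types, signature table and header set are assumptions chosen for illustration.

```python
# Added example (not Cisco's code): classify an upload by its bytes, not its
# extension, and return headers that keep a stored file from rendering inline.
import re
from typing import Dict, Optional, Tuple

# Assumption: these are the only content types the upload endpoint accepts.
SIGNATURES = {
    "image/png": b"\x89PNG\r\n\x1a\n",
    "image/jpeg": b"\xff\xd8\xff",
    "application/pdf": b"%PDF-",
}
EXPECTED_EXT = {
    "image/png": {"png"},
    "image/jpeg": {"jpg", "jpeg"},
    "application/pdf": {"pdf"},
}
# Markup or script near the start of the body is rejected regardless of the
# claimed type; a browser that sniffs content could otherwise render it.
_ACTIVE_CONTENT = re.compile(
    rb"<\s*(script|html|body|iframe|svg|object|embed|meta)\b", re.IGNORECASE
)


def sniff_type(data: bytes) -> Optional[str]:
    """Return the MIME type implied by the leading bytes, or None if unknown."""
    for mime, magic in SIGNATURES.items():
        if data.startswith(magic):
            return mime
    return None


def validate_upload(filename: str, data: bytes) -> Tuple[bool, str]:
    """Accept a file only if its bytes match an allowed type, carry no markup,
    and agree with the extension the uploader supplied."""
    if _ACTIVE_CONTENT.search(data[:4096]):
        return False, "rejected: active content in file body"
    mime = sniff_type(data)
    if mime is None:
        return False, "rejected: content does not match an allowed type"
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if ext not in EXPECTED_EXT[mime]:
        return False, f"rejected: extension .{ext} does not match content ({mime})"
    return True, mime


def download_headers(mime: str, filename: str) -> Dict[str, str]:
    """Headers for serving a stored file as a download, never as a document."""
    safe_name = re.sub(r"[^A-Za-z0-9._-]", "_", filename)
    return {
        "Content-Type": mime,
        "Content-Disposition": f'attachment; filename="{safe_name}"',
        "X-Content-Type-Options": "nosniff",
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }
```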

