5.4
CVE-2020-3420 - Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a userโฆ
6.1
CVE-2020-3431 - Cisco Small Business RV Series Routers Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Small Business RV042 Dual WAN VPN Routers and Cisco Small Business RV042G Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-baโฆ
6.1
CVE-2024-52424 - WordPress wp-login customizer plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in sureshdsk wp-login customizer wp-login-customizer allows Stored XSS.This issue affects wp-login customizer: from n/a through <= 1.0.
7.5
CVE-2020-26073 - Cisco SD-WAN vManage Directory Traversal Vulnerability
A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of directory traversal character sequences within requests to applicationโฆ
7.8
CVE-2020-26074 - Cisco SD-WAN vManage Privilege Escalation Vulnerability
A vulnerability in system file transfer functions of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to gain escalated privileges on the underlying operating system. The vulnerability is due to improper validation of path input to the system file transfer functions.โฆ
4.3
CVE-2020-3525 - Cisco Identity Services Engine Password Disclosure to an Unauthorized Actor Vulnerability
A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to recover service account passwords that are saved on an affected system. The vulnerability is due to the incorrect inclusion of saved passwords when loading configuratioโฆ
6.1
CVE-2020-3532 - Cisco Unified Communications Products Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticatโฆ
4.6
CVE-2020-3538 - Cisco Data Center Network Manager Path Traversal Vulnerability
A vulnerability in a certain REST API endpoint of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to perform a path traversal attack on an affected device. The vulnerability is due to insufficient path restriction enforcement. An attacker could โฆ
6.3
CVE-2020-3539 - Cisco Data Center Network Manager Authorization Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to a failure to limit access to resources that are intended for usโฆ
5.3
CVE-2020-3548 - Cisco Email Security Appliance Denial Of Service Vulnerability
A vulnerability in the Transport Layer Security (TLS) protocol implementation of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition.โฆ