CISCO-CVE-2026-20112

MEDIUM4.8

Cisco IOx Application Hosting Environment Stored XSS Vulnerability

Published Mar 25, 2026

Modified 1 months ago

Affected Packages

Cisco IOS XE

CiscoIOSXE

Affected versions:

16.10.116.10.1a16.10.1b16.10.1c16.10.1d16.10.1e16.10.1f16.10.1g16.10.1s16.10.2+243 more

CVSS Analysis

CVSS v3.1

4.8

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

HighPR:H

User Interaction

RequiredUI:R

Scope

ChangedS:C

Impact

Confidentiality

LowC:L

Integrity

LowI:L

Availability

NoneA:N

4.8/CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Upstream

Ecosystems

Timeline

PublishedMar 25, 2026

ModifiedMar 25, 2026