{"api_version":"1","generated_at":"2026-07-19T10:59:37+00:00","cve":"CVE-2026-20117","urls":{"html":"https://cve.report/CVE-2026-20117","api":"https://cve.report/api/cve/CVE-2026-20117.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-20117","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-20117"},"summary":{"title":"Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities","description":"A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface of an affected system does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.","state":"PUBLISHED","assigner":"cisco","published_at":"2026-03-11 17:16:55","updated_at":"2026-07-08 19:12:13"},"problem_types":["CWE-79","CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"],"metrics":[{"version":"3.1","source":"psirt@cisco.com","type":"Secondary","score":"6.1","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"CVSSV3_1","score":"6.1","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":6.1,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","version":"3.1"}}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-xss-MrNAH5Jh","name":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-xss-MrNAH5Jh","refsource":"psirt@cisco.com","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-20117","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20117","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 10.5(1)SU1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 10.6(1)","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.6(1)","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 10.6(1)SU1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 10.6(1)SU3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.6(2)","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.0(1)","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.0(1)SU1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.5(1)SU1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 10.5(1)","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)SU1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)SU2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)SU3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)_SU03_ES01","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)_SU03_ES02","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)_SU02_ES03","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)_SU02_ES04","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)_SU02_ES02","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)_SU01_ES02","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)_SU01_ES03","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)_SU02_ES01","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.6(2)ES07","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.6(2)ES08","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)_SU01_ES01","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.0(1)ES04","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)ES02","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)ES03","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.6(2)ES06","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)ES01","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.0(1)ES03","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.0(1)ES01","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.6(2)ES05","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.0(1)ES02","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.6(2)ES04","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.6(2)ES03","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.6(2)ES02","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.6(2)ES01","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 10.6(1)SU3ES03","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.0(1)SU1ES03","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 10.6(1)SU3ES01","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 10.5(1)SU1ES10","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.5(1)SU1ES03","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.6(1)ES02","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.5(1)ES01","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 10.6(1)SU2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 10.6(1)SU2ES04","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.6(1)ES01","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 10.6(1)SU3ES02","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.5(1)SU1ES02","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.5(1)SU1ES01","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 11.0(1)SU1ES02","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)_SU03_ES03","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)_SU03_ES04","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)_SU03_ES05","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected UCCX 15.0.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)_SU03_ES06","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 12.5(1)_SU03_ES07","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 15.0(1)","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 15.0(1)ES01","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 15.0(1)ES-MSOauth","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unified Contact Center Express","version":"affected 1501_ES01_CSCws06843","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[{"source":"CNA","title":"","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.","time":"","lang":"en"}],"credits":[],"nvd_cpes":[{"cve_year":"2026","cve_id":"20117","vulnerable":"1","versionEndIncluding":"15.0\\(1\\)ES01","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"unified_contact_center_express","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"20117","cve":"CVE-2026-20117","epss":"0.002070000","percentile":"0.108730000","score_date":"2026-07-10","updated_at":"2026-07-11 00:11:17"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-20117","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-03-11T17:05:14.798354Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-03-11T17:20:21.169Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unknown","product":"Cisco Unified Contact Center Express","vendor":"Cisco","versions":[{"status":"affected","version":"10.5(1)SU1"},{"status":"affected","version":"10.6(1)"},{"status":"affected","version":"11.6(1)"},{"status":"affected","version":"10.6(1)SU1"},{"status":"affected","version":"10.6(1)SU3"},{"status":"affected","version":"11.6(2)"},{"status":"affected","version":"12.0(1)"},{"status":"affected","version":"11.0(1)SU1"},{"status":"affected","version":"11.5(1)SU1"},{"status":"affected","version":"10.5(1)"},{"status":"affected","version":"12.5(1)"},{"status":"affected","version":"12.5(1)SU1"},{"status":"affected","version":"12.5(1)SU2"},{"status":"affected","version":"12.5(1)SU3"},{"status":"affected","version":"12.5(1)_SU03_ES01"},{"status":"affected","version":"12.5(1)_SU03_ES02"},{"status":"affected","version":"12.5(1)_SU02_ES03"},{"status":"affected","version":"12.5(1)_SU02_ES04"},{"status":"affected","version":"12.5(1)_SU02_ES02"},{"status":"affected","version":"12.5(1)_SU01_ES02"},{"status":"affected","version":"12.5(1)_SU01_ES03"},{"status":"affected","version":"12.5(1)_SU02_ES01"},{"status":"affected","version":"11.6(2)ES07"},{"status":"affected","version":"11.6(2)ES08"},{"status":"affected","version":"12.5(1)_SU01_ES01"},{"status":"affected","version":"12.0(1)ES04"},{"status":"affected","version":"12.5(1)ES02"},{"status":"affected","version":"12.5(1)ES03"},{"status":"affected","version":"11.6(2)ES06"},{"status":"affected","version":"12.5(1)ES01"},{"status":"affected","version":"12.0(1)ES03"},{"status":"affected","version":"12.0(1)ES01"},{"status":"affected","version":"11.6(2)ES05"},{"status":"affected","version":"12.0(1)ES02"},{"status":"affected","version":"11.6(2)ES04"},{"status":"affected","version":"11.6(2)ES03"},{"status":"affected","version":"11.6(2)ES02"},{"status":"affected","version":"11.6(2)ES01"},{"status":"affected","version":"10.6(1)SU3ES03"},{"status":"affected","version":"11.0(1)SU1ES03"},{"status":"affected","version":"10.6(1)SU3ES01"},{"status":"affected","version":"10.5(1)SU1ES10"},{"status":"affected","version":"11.5(1)SU1ES03"},{"status":"affected","version":"11.6(1)ES02"},{"status":"affected","version":"11.5(1)ES01"},{"status":"affected","version":"10.6(1)SU2"},{"status":"affected","version":"10.6(1)SU2ES04"},{"status":"affected","version":"11.6(1)ES01"},{"status":"affected","version":"10.6(1)SU3ES02"},{"status":"affected","version":"11.5(1)SU1ES02"},{"status":"affected","version":"11.5(1)SU1ES01"},{"status":"affected","version":"11.0(1)SU1ES02"},{"status":"affected","version":"12.5(1)_SU03_ES03"},{"status":"affected","version":"12.5(1)_SU03_ES04"},{"status":"affected","version":"12.5(1)_SU03_ES05"},{"status":"affected","version":"UCCX 15.0.1"},{"status":"affected","version":"12.5(1)_SU03_ES06"},{"status":"affected","version":"12.5(1)_SU03_ES07"},{"status":"affected","version":"15.0(1)"},{"status":"affected","version":"15.0(1)ES01"},{"status":"affected","version":"15.0(1)ES-MSOauth"},{"status":"affected","version":"1501_ES01_CSCws06843"}]}],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface of an affected system does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."}],"exploits":[{"lang":"en","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":6.1,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","version":"3.1"},"format":"cvssV3_1"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-79","description":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","lang":"en","type":"cwe"}]}],"providerMetadata":{"dateUpdated":"2026-03-11T16:31:26.560Z","orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco"},"references":[{"name":"cisco-sa-cc-xss-MrNAH5Jh","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-xss-MrNAH5Jh"}],"source":{"advisory":"cisco-sa-cc-xss-MrNAH5Jh","defects":["CSCwq46126"],"discovery":"EXTERNAL"},"title":"Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities"}},"cveMetadata":{"assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","assignerShortName":"cisco","cveId":"CVE-2026-20117","datePublished":"2026-03-11T16:31:26.560Z","dateReserved":"2025-10-08T11:59:15.376Z","dateUpdated":"2026-03-11T17:20:21.169Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-03-11 17:16:55","lastModifiedDate":"2026-07-08 19:12:13","problem_types":["CWE-79","CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-11T17:05:14.798354Z","id":"CVE-2026-20117","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_contact_center_express:*:*:*:*:*:*:*:*","versionEndIncluding":"15.0\\(1\\)ES01","matchCriteriaId":"6E7F7C37-40B9-40E2-A650-AFCD25B643FE"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"20117","Ordinal":"1","Title":"Multiple Cisco Contact Center Products Cross-Site Scripting Vuln","CVE":"CVE-2026-20117","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"20117","Ordinal":"1","NoteData":"A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface of an affected system does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.","Type":"Description","Title":"Multiple Cisco Contact Center Products Cross-Site Scripting Vuln"}]}}}