Vulnslist

find the latest Cisco vulnerabilities

CVE-2023-20028

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory.

SeverityMEDIUM
CVSS5.4
CWECWE-79
KEV
Published
Modified

Related Products

Product Advisory
Cisco Web Security Appliance (WSA) cisco-sa-esa-sma-wsa-xss-cP9DuEmq
Cisco Secure Web Appliance cisco-sa-esa-sma-wsa-xss-cP9DuEmq
Cisco Secure Email and Web Manager cisco-sa-esa-sma-wsa-xss-cP9DuEmq
Cisco Secure Email cisco-sa-esa-sma-wsa-xss-cP9DuEmq
Cisco Email Security Appliance (ESA) cisco-sa-esa-sma-wsa-xss-cP9DuEmq