Vulnslist

find the latest Cisco vulnerabilities

CVE-2026-20070

A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device.  This vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by persuading a user to follow a link to a malicious website that is designed to submit malicious input to the affected application. A successful exploit could allow the attacker to execute arbitrary HTML or script code in the browser in the context of the VPN web server.

SeverityMEDIUM
CVSS6.1
CWECWE-80
KEV
Published
Modified

Related Products

Product Advisory
Cisco Secure Firewall Management Center (FMC) cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco RV Series Routers cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco Nexus Dashboard cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco Firepower Threat Defense Software cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco Catalyst PON Series Switches cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco Adaptive Security Appliance (ASA) Software cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco 3000 Series Routers cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco Secure Firewall Threat Defense Virtual cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco Secure Firewall Threat Defense (FTD) Software cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco Secure Firewall 4200 Series cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco Secure Firewall 3100 Series cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco Secure Firewall 1200 Series cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco Firepower 9000 Series cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco Firepower 4100 Series cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco Firepower 2100 Series cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco Firepower 1000 Series cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco Adaptive Security Virtual Appliance (ASAv) cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco ASA 5500-X Series Firewalls cisco-sa-asaftd-webvpn-xss-uwjc4HR
Cisco 3000 Series Industrial Security Appliances (ISA) cisco-sa-asaftd-webvpn-xss-uwjc4HR