Vulnslist

find the latest Cisco vulnerabilities

CVE-2026-20102

A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the SAML feature and access sensitive, browser-based information. This vulnerability is due to insufficient input validation of multiple HTTP parameters. An attacker could exploit this vulnerability by persuading a user to access a malicious link. A successful exploit could allow the attacker to conduct a reflected XSS attack through an affected device.

Severity: MEDIUM
CVSS: 6.1
CWE: CWE-79
KEV
Published
Modified

Related Products

Product | Advisory
Cisco Secure Firewall Management Center (FMC) | cisco-sa-asaftd-saml-LktTrwZP
Cisco Nexus Dashboard | cisco-sa-asaftd-saml-LktTrwZP
Cisco Firepower Threat Defense Software | cisco-sa-asaftd-saml-LktTrwZP
Cisco Catalyst PON Series Switches | cisco-sa-asaftd-saml-LktTrwZP
Cisco Adaptive Security Appliance (ASA) Software | cisco-sa-asaftd-saml-LktTrwZP
Cisco 3000 Series Routers | cisco-sa-asaftd-saml-LktTrwZP
Cisco Secure Firewall Threat Defense Virtual | cisco-sa-asaftd-saml-LktTrwZP
Cisco Secure Firewall Threat Defense (FTD) Software | cisco-sa-asaftd-saml-LktTrwZP
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software | cisco-sa-asaftd-saml-LktTrwZP
Cisco Secure Firewall 4200 Series | cisco-sa-asaftd-saml-LktTrwZP
Cisco Secure Firewall 3100 Series | cisco-sa-asaftd-saml-LktTrwZP
Cisco Secure Firewall 1200 Series | cisco-sa-asaftd-saml-LktTrwZP
Cisco Firepower 9000 Series | cisco-sa-asaftd-saml-LktTrwZP
Cisco Firepower 4100 Series | cisco-sa-asaftd-saml-LktTrwZP
Cisco Firepower 2100 Series | cisco-sa-asaftd-saml-LktTrwZP
Cisco Firepower 1000 Series | cisco-sa-asaftd-saml-LktTrwZP
Cisco Adaptive Security Virtual Appliance (ASAv) | cisco-sa-asaftd-saml-LktTrwZP
Cisco ASA 5500-X Series Firewalls | cisco-sa-asaftd-saml-LktTrwZP
Cisco 3000 Series Industrial Security Appliances (ISA) | cisco-sa-asaftd-saml-LktTrwZP