CVE-2026-20132
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative write privileges to conduct a stored cross-site scripting (XSS) attack or a reflected XSS attack against a user of the web-based management interface of an affected device. These vulnerabilities are due to insufficient sanitization of user-supplied data that is stored in the web page. An attacker could exploit these vulnerabilities by convincing a user of the interface to click a specific link or view an affected web page. The injected script code may be executed in the context of the web-based management interface or allow the attacker to access sensitive browser-based information.
EPSS 0.04% · 12.2th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco Identity Services Engine Software | 3.1.0 p3, 3.1.0 p2, 3.2.0 |
Exploit Intelligence
- CIRCL seen: CVE-2026-20132 (circl-sighting)
- cisco-sa-isexss-BS8ctE7U (circl)
Timeline
- Apr 15, 2026 CVE Published
- Apr 15, 2026 CVE Updated
- Apr 15, 2026 PoC Published
- Apr 16, 2026 Security Advisory
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
- May 20, 2026 EPSS Score
- May 21, 2026 EPSS Score
- May 22, 2026 EPSS Score
- May 23, 2026 EPSS Score
- May 24, 2026 EPSS Score
- May 25, 2026 EPSS Score