Cisco Webex Contact Center Cross-Site Scripting Vulnerability

Vulnerability

A cross-site scripting vulnerability has been identified in the Desktop Agent functionality of Cisco Webex Contact Center. This issue could have allowed an unauthenticated, remote attacker to execute cross-site scripting attacks. The vulnerability arose because HTML and script content were not properly sanitized. An attacker could have exploited this by convincing a user to click on a malicious link, potentially leading to the theft of sensitive information from the user's browser, such as authentication and session details.

Impact

Exploitation of this vulnerability could have allowed an attacker to perform cross-site scripting attacks, potentially leading to the theft of sensitive information from the user's browser, including authentication and session data.

Added: Apr 15, 2026, 5:39 PM

Updated: Apr 15, 2026, 5:39 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

4.2

exploitability

6.2

remediation

0.0

relevance

6.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

4.2

exploitability

6.2

remediation

0.0

relevance

6.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Cisco Webex Contact Center Cross-Site Scripting Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating