Cisco · Cisco Identity Services Engine · CVE-2019-12631
**Name of the Vulnerable Software and Affected Versions**
Cisco Identity Services Engine (affected versions not specified)
**Description**
The issue is related to insufficient protection of the web page structure in the Cisco Identity Services Engine management interface, allowing for potential cross-site scripting (XSS) attacks. This could enable a remote attacker to execute arbitrary script code or access sensitive information by persuading a user to click on a specially crafted link. The vulnerability is due to insufficient validation of user-supplied input processed by the web-based management interface.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.