CVE-2020-3121

Name of the Vulnerable Software and Affected Versions Cisco Small Business Smart and Managed Switches (affected versions not specified)

Description The issue is related to insufficient validation of user-supplied input by the web-based management interface, allowing an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. This could be achieved by persuading a user to click a malicious link and access a specific page, potentially leading to the execution of arbitrary script code or access to sensitive information.

Recommendations For Cisco Small Business Smart and Managed Switches, consider restricting access to the web-based management interface until a fix is available. As a temporary workaround, avoid using links from untrusted sources to access the interface. At the moment, there is no information about a newer version that contains a fix for this vulnerability.