CVE-2022-20969

Name of the Vulnerable Software and Affected Versions Cisco Umbrella (affected versions not specified)

Description The issue is related to unsanitized user input in multiple management dashboard pages, which could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the dashboard. An attacker could exploit this by submitting custom JavaScript to the web application and persuading a user to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive browser-based information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.