CVE-2025-20129

Name of the Vulnerable Software and Affected Versions Cisco Customer Collaboration Platform (CCP) versions not specified

Description A vulnerability in the web-based chat interface of Cisco Customer Collaboration Platform (CCP) could allow an unauthenticated, remote attacker to persuade users to disclose sensitive data. This issue is due to improper sanitization of HTTP requests sent to the web-based chat interface. An attacker could exploit this by sending crafted HTTP requests to the chat interface of a targeted user on a vulnerable server, potentially redirecting chat traffic to a server under their control and resulting in sensitive information being redirected to the attacker.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.