CVE-2026-20055

Name of the Vulnerable Software and Affected Versions Cisco Packaged Contact Center Enterprise (Packaged CCE) and Cisco Unified Contact Center Enterprise (affected versions not specified)

Description The software contains weaknesses in the web-based management interface due to improper validation of user-supplied input. This could allow a remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. A successful exploit may allow the attacker to execute arbitrary script code or access sensitive, browser-based information. The attacker must have valid administrative credentials to exploit these weaknesses.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.