CVE-2026-20102 | THREATINT

Description

A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the SAML feature and access sensitive, browser-based information. This vulnerability is due to insufficient input validation of multiple HTTP parameters. An attacker could exploit this vulnerability by persuading a user to access a malicious link. A successful exploit could allow the attacker to conduct a reflected XSS attack through an affected device.

PUBLISHED Reserved 2025-10-08 | Published 2026-03-04 | Updated 2026-03-04 | Assigner cisco

MEDIUM: 6.1CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Problem types

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Product status

Default status

unknown

9.16.1

affected

9.16.1.28

affected

9.16.2

affected

9.16.2.3

affected

9.16.2.7

affected

9.17.1

affected

9.16.2.11

affected

9.16.2.13

affected

9.16.2.14

affected

9.17.1.7

affected

9.17.1.9

affected

9.17.1.10

affected

9.17.1.11

affected

9.17.1.13

affected

9.17.1.15

affected

9.17.1.20

affected

9.17.1.30

affected

9.17.1.33

affected

9.17.1.39

affected

9.17.1.45

affected

9.17.1.46

affected

9.23.1.13

affected

9.20.4.7

affected

9.22.2.13

affected

9.18.4.66

affected

9.20.4.10

affected

9.23.1.19

affected

9.18.4.67

affected

Default status

unknown

7.0.0

affected

7.0.0.1

affected

7.0.1

affected

7.1.0

affected

7.0.1.1

affected

7.1.0.1

affected

7.1.0.2

affected

7.1.0.3

affected

References

sec.cloudapps.cisco.com/...ory/cisco-sa-asaftd-saml-LktTrwZP (cisco-sa-asaftd-saml-LktTrwZP)

cve.org (CVE-2026-20102)

nvd.nist.gov (CVE-2026-20102)

Download JSON