CVE-2020-3580CISA KEVEPSS p99.7%

CVE-2020-3580Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability

Cisco / Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

Description

Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an insufficient input validation vulnerability for user-supplied input by the web services interface. Successful exploitation could allow an attacker to perform cross-site scripting (XSS) in the context of the interface or access sensitive browser-based information.

Scoring

EPSS85.44% probability of exploitation · percentile 99.7% · 2026-06-17T12:03:21Z

CISA KEV entry

Added to KEV: 2021-11-03

(incoming)1

TypeTargetConfidenceTier
KEVEntryCisco ASA and FTD Cross-Site Scripting (XSS) Vulnerabilitykev-cve-2020-35800%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Cisco ASA and FTD Read-Only Path Traversal Vulnerability
CVE
Cisco ASA and FTD Information Disclosure Vulnerability
CVE
Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability
CVE
CVE-2026-20069
CVE
CVE-2025-20263
CVE
CVE-2025-20363
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.