Since the bug you are encountering is related to the Web UI component of Cisco IOS XE, and no patch has been released yet, the recommended mitigation step is to disable the HTTPS Server feature on the affected devices. This can significantly reduce the risk of exploitation by attackers. Additionally, you can apply access lists to restrict access to the HTTP Server feature from untrusted hosts and networks, which can also help prevent unauthorized access.In the absence of a patch, these measures can provide temporary protection until a permanent solution becomes available. It is essential to keep monitoring the situation closely and stay informed about any updates or patches provided by Cisco.