CVE-2016-1377 (unity_connection)

CVE-2016-1377 (unity_connection)

Cross-site scripting (XSS) vulnerability in Cisco Unity Connection through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCus21776.

Source: CVE-2016-1377 (unity_connection)