CVE-2015-6299
Cisco Unity Connection web interface SQL injection (CVE-2015-6299) affects Cisco Unity Connection versions 9.1(1.2) and earlier. The vulnerability stems from lack of input validation in SQL queries, allowing an authenticated, remote attacker to execute arbitrary SQL commands via a crafted HTTP PO...