CVE-2016-1377

Cross-site scripting XSS vulnerability in Cisco Unity Connection through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCus21776...

CVE-2016-1377

Cisco Unity Connection up to version 11.0 contains a cross-site scripting (XSS) vulnerability in its web framework. An unauthenticated, remote attacker could inject arbitrary web script or HTML via unspecified parameters in the web interface, which is exploitable when a user follows a crafted lin...