CVE-2017-12212
Cisco Unity Connection (v10.5(2) with default config) is affected by a reflected cross-site scripting (XSS) vulnerability in its web framework. The issue arises from insufficient input validation on HTTP GET/POST parameters, allowing an unauthenticated, remote attacker to persuade a user to follo...