Volerion logoVolerion
Volerion logoVolerion

Cisco Unity Connection Reflected Cross-Site Scripting Vulnerability

Vulnerability

A reflected cross-site scripting vulnerability has been identified in the web-based management interface of Cisco Unity Connection. This issue allows an unauthenticated, remote attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. The vulnerability arises from improper validation of user-supplied input, enabling attackers to craft links that, when clicked by users, trigger the execution of malicious scripts.

Impact

Exploitation of this vulnerability could lead to reflected cross-site scripting, allowing attackers to execute scripts in the context of the user's session.

Remediation

Cisco has released software updates to address this vulnerability. Users are advised to upgrade to the fixed releases mentioned in the Cisco Security Advisory.

Added: Apr 15, 2026, 6:05 PM
Updated: Apr 15, 2026, 6:05 PM

Vulnerability Rating

Custom Algorithm
spread
2.6
impact
3.5
exploitability
5.8
remediation
7.7
relevance
6.0
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.