CVE-2016-1377
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCus21776.
Date published : 2016-04-12
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-unity