THREAT OPS › Threat News › Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities
Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities
<p>Multiple vulnerabilities in Cisco Unity Connection could allow a remote attacker to conduct a cross-site scripting (XSS) attack, an open redirect attack, and an SQL injection attack.</p> <p>For more information about these vulnerabilities, see the <a href="#details">Details</a> section of this advisory.</p> <p>Cisco has released software updates that address these vulnerabilities. There are no
MITRE ATT&CK techniques
- VulnerabilitiesT1588.006
Indicators of compromise
- CVE-2026-20059cve
- CVE-2026-20060cve
- CVE-2026-20061cve