cpe:/a:cisco:unity_connection:10.5%282.3009%29 CVE-2016-1300 2016-01-27T17:59:03.770-05:00 2016-01-28T13:33:11.540-05:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2016-01-28T12:40:02.217-05:00 CISCO 20160127 Cisco Unity Connection Web Framework Cross-Site Scripting Vulnerability Cross-site scripting (XSS) vulnerability in Cisco Unity Connection (UC) 10.5(2.3009) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux82582.