← Home
Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities
Source: cisco / cisco-sa-unity-vulns-n2EJSbbw
— original advisory
Published: 2026-04-15
· Last updated: 2026-04-15
· Vendor severity: Medium
CVEs
| CVE | CVSS | CWE | Exploitation |
| CVE-2026-20059 |
6.1 |
CWE-601: Open Redirect |
Not observed in the wild |
| CVE-2026-20060 |
6.1 |
CWE-601: Open Redirect |
Not observed in the wild |
| CVE-2026-20061 |
6.1 |
CWE-601: Open Redirect |
Not observed in the wild |
Affected Products
| Product | Affected versions | Fixed version |
| Cisco Unity Connection |
Not specified by vendor |
Not specified by vendor |