What is cisco-sa-unity-vulns-n2EJSbbw?

cisco-sa-unity-vulns-n2EJSbbw is a security advisory published by Cisco PSIRT openVuln with Medium severity. Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities

Which CVE IDs does cisco-sa-unity-vulns-n2EJSbbw cover?

cisco-sa-unity-vulns-n2EJSbbw covers the following CVE IDs: CVE-2026-20060, CVE-2026-20061, CVE-2026-20059. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of cisco-sa-unity-vulns-n2EJSbbw?

cisco-sa-unity-vulns-n2EJSbbw has a CVSS v3 base score of 6.1, published by Cisco PSIRT openVuln.

Which products are affected by cisco-sa-unity-vulns-n2EJSbbw?

cisco-sa-unity-vulns-n2EJSbbw affects 1 product, including: Cisco Unity Connection.

cisco-sa-unity-vulns-n2EJSbbwMediumCVSS 6.1

Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities

Vendor

Cisco PSIRT openVuln

Published

April 15, 2026

Last Modified

April 15, 2026

🔗 CVE IDs covered (3)

CVE-2026-20060 →CVE-2026-20061 →CVE-2026-20059 →

📋 Description

Multiple vulnerabilities in Cisco Unity Connection could allow a remote attacker to conduct a cross-site scripting (XSS) attack, an open redirect attack, and an SQL injection attack. For more information about these vulnerabilities, see the <a href="#details">Details</a> section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: <a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-vulns-n2EJSbbw" target="_blank" rel="noopener">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-vulns-n2EJSbbw</a>

🎯 Affected products1

Cisco Unity Connection

🔗 CVE IDs covered (3)

📋 Description

🎯 Affected products1

🔗 References (2)