While not directly related to Unified Communications, the reality is that many UC web interfaces, particularly for mobile devices, may turn to HTML5 as a way to create a web interface that provides an excellent user interface and works across all mobile devices.
Perhaps more importantly, the work of the RTCWEB/WebRTC working groups within the IETF and W3C, which I've written about over on Voxeo's blogs, is aimed at bringing the "real-time communications" functionality directly into the web browser. In other words, you wouldn't need a browser plugin or additional program on your computer to make voice, video or chat connections… it could happen entirely within the browser.
At that point every browser potentially can become a UC endpoint… and therefore a concern for communications security.
It's a lengthy document from ENISA, but worth a read as it dives into both analysis and recommendations for greater HTML5 security.