XSS Vulnerability in Mitel MiCollab AWV Portal Allows Unauthorized Access to Conference Information

XSS Vulnerability in Mitel MiCollab AWV Portal Allows Unauthorized Access to Conference Information

CVE-2020-25611 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

The AWV portal of Mitel MiCollab before 9.2 could allow an attacker to gain access to conference information by sending arbitrary code due to improper input validation, aka XSS. Successful exploitation could allow an attacker to view user conference information.

Learn more about our User Device Pen Test.