First published: Tue Mar 13 2018(Updated: )
A vulnerability in the conferencing component of Mitel ST 14.2, release GA28 and earlier, could allow an authenticated user to upload a malicious script to the Personal Library by a crafted POST request. Successful exploit could allow an attacker to execute arbitrary code within the context of the application.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mitel St14.2 | <=ga28 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.