First published: Fri Dec 18 2020(Updated: )
The AWV component of Mitel MiCollab before 9.2 could allow an attacker to view system information by sending arbitrary code due to improper input validation, aka XSS.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mitel MiCollab, MiVoice Business Express | <9.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-25606.
The title of the vulnerability is "The AWV component of Mitel MiCollab before 9.2 could allow an attacker to view system information by...".
The severity of CVE-2020-25606 is medium with a CVSS score of 6.1.
The software affected by CVE-2020-25606 is Mitel MiCollab before version 9.2 and MiVoice Business Express before version 9.2.
An attacker can exploit CVE-2020-25606 by sending arbitrary code to the AWV component of Mitel MiCollab before version 9.2, which can allow them to view system information due to improper input validation (XSS).