First published: Fri Dec 18 2020(Updated: )
The NuPoint Messenger Portal of Mitel MiCollab before 9.2 could allow an authenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to view and modify user data.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mitel MiCollab, MiVoice Business Express | <9.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this security issue in Mitel MiCollab is CVE-2020-25609.
The severity rating of CVE-2020-25609 is medium (5.4).
The vulnerability CVE-2020-25609 in Mitel MiCollab allows an authenticated attacker to execute arbitrary scripts due to insufficient input validation, also known as XSS (Cross-Site Scripting).
If an attacker successfully exploits CVE-2020-25609 in Mitel MiCollab, they can view and modify user data.
To fix the vulnerability CVE-2020-25609 in Mitel MiCollab, it is recommended to apply the necessary security patches or updates provided by Mitel and ensure proper input validation is in place to prevent XSS attacks.