Mitel · Mitel Micontact Center Business · CVE-2024-35284
**Name of the Vulnerable Software and Affected Versions**
Mitel MiContact Center Business versions through 10.0.0.4
**Description**
The issue is related to a reflected cross-site scripting (XSS) attack in the legacy chat component due to insufficient input validation, allowing an unauthenticated attacker to conduct such an attack.
**Recommendations**
For Mitel MiContact Center Business versions through 10.0.0.4, update to a version that addresses the insufficient input validation issue in the legacy chat component to prevent reflected cross-site scripting (XSS) attacks.