CVE-2019-19371

Name of the Vulnerable Software and Affected Versions Mitel MiCollab AWV versions prior to 8.1.2.2

Description A cross-site scripting (XSS) issue exists due to insufficient validation in the join meeting interface of the web conferencing component. This could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack, potentially executing arbitrary scripts.

Recommendations For versions prior to 8.1.2.2, update to version 8.1.2.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the join meeting interface until the update is applied.