PT-2021-17440 · Mitel · Mitel MiCollab Web Client

Published: 2021-08-13 · Updated: 2021-08-23 · CVE-2021-27401

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Mitel MiCollab Web Client versions prior to 9.2 FP2

Description

A Cross-Site Scripting (XSS) issue caused by insufficient input validation allows an attacker to execute arbitrary code and thereby access, view, and modify user data. This affects the Join Meeting page of the Mitel MiCollab Web Client.

Recommendations

For versions prior to 9.2 FP2, update to version 9.2 FP2 or later to resolve the issue. As a temporary workaround, consider restricting access to the Join Meeting page until the update is applied.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2021-27401

Affected Products

Mitel MiCollab Web Client