PT-2022-25816 · Mitel · Mitel Micollab

Published 2022-11-22 · Updated 2023-08-08 · CVE-2022-41326

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions through 9.6.0.13

Description: The web conferencing component could allow an unauthenticated attacker to upload arbitrary scripts due to improper authorization controls. A successful exploit could allow remote code execution within the context of the application.

Recommendations: For versions through 9.6.0.13, update to a version later than 9.6.0.13 to resolve the issue. As a temporary workaround, consider restricting access to the web conferencing component to minimize the risk of exploitation.

Fix

Weakness Enumeration: Missing Authorization

Related Identifiers: CVE-2022-41326

Affected Products: Mitel Micollab