PT-2024-26416 · Mitel · Mitel Micontact Center Business
Teguh Darmawangsa
·
Published
2024-05-29
·
Updated
2024-05-29
·
CVE-2024-35284
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Mitel MiContact Center Business versions through 10.0.0.4
Description
The issue is related to a reflected cross-site scripting (XSS) attack in the legacy chat component due to insufficient input validation, allowing an unauthenticated attacker to conduct such an attack.
Recommendations
For Mitel MiContact Center Business versions through 10.0.0.4, update to a version that addresses the insufficient input validation issue in the legacy chat component to prevent reflected cross-site scripting (XSS) attacks.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mitel Micontact Center Business