CVE-2018-12901

2018-10-23T21:30:00
ID CVE-2018-12901
Type cve
Reporter cve@mitre.org
Modified 2018-12-04T20:27:00

Description

A vulnerability in the conferencing component of Mitel ST 14.2, versions GA29 (19.49.9400.0) and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the signin.php page. A successful exploit could allow an attacker to execute arbitrary scripts.