Lucene search
K

22 matches found

Cvelist
Cvelist
added 2026/01/15 12:0 a.m.20 views

CVE-2025-67823

A vulnerability in the Multimedia Email component of Mitel MiContact Center Business through 10.2.0.10 and Mitel CX through 1.1.0.1 could allow an unauthenticated attacker to conduct a Cross-Site Scripting XSS attack due to insufficient input validation. A successful exploit requires user...

0.00292EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.5 views

PT-2026-3136

Name of the Vulnerable Software and Affected Versions Mitel MiContact Center Business versions through 10.2.0.10 Mitel CX versions through 1.1.0.1 Description A flaw exists in the Multimedia Email component that could allow an unauthenticated attacker to perform a Cross-Site Scripting XSS attack...

8.2CVSS6.1AI score0.00292EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/15 12:0 a.m.9 views

Mitel MiContact Center Business has a security vulnerability

Mitel MiContact Center Business is a comprehensive platform offered by the Canadian company Mitel. Versions of Mitel MiContact Center Business 10.2.0.10 and earlier, as well as Mitel CX 1.1.0.1 and earlier versions, have security vulnerabilities. These vulnerabilities stem from insufficient input...

8.2CVSS5.6AI score0.00292EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/24 12:0 a.m.5 views

PT-2025-26737 · Mitel · Mitel Micontact Center Business

Name of the Vulnerable Software and Affected Versions: Mitel MiContact Center Business versions 10.0.0.0 through 10.0.0.4 Mitel MiContact Center Business versions 10.1.0.0 through 10.1.0.5 Mitel MiContact Center Business versions 10.2.0.0 through 10.2.0.4 Description: A vulnerability in the legac...

7.1CVSS6AI score0.00355EPSS
Exploits0References6
NVD
NVD
added 2024/10/01 7:15 p.m.10 views

CVE-2024-42514

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4 could allow an unauthenticated attacker to conduct an unauthorized access attack due to inadequate access control checks. A successful exploit requires user interaction and could allow an attacker to...

8.1CVSS0.00415EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/29 12:0 a.m.18 views

Mitel MiContact Center Business 跨站脚本漏洞

Mitel MiContact Center Business is an all-media contact center platform from Canadian company Mitel. The platform is used in customer communication, production management and other scenarios. A cross-site scripting vulnerability exists in Mitel MiContact Center Business version 10.0.0.4, which is...

5.4CVSS6.3AI score0.00252EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/03/16 12:0 a.m.14 views

CVE-2024-28070

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient input validation. A successful exploit could allow an attacker to access sensitive...

6AI score0.00447EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/16 12:0 a.m.22 views

CVE-2024-28069

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to access sensitive information and...

6.4AI score0.00573EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/16 12:0 a.m.27 views

CVE-2024-28070

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient input validation. A successful exploit could allow an attacker to access sensitive...

6AI score0.00447EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/15 12:0 a.m.7 views

PT-2024-22250 · Mitel · Mitel Micontact Center Business

Name of the Vulnerable Software and Affected Versions: Mitel MiContact Center Business versions through 10.0.0.4 Description: A vulnerability in the legacy chat component could allow an unauthenticated attacker to conduct an information disclosure attack due to improper configuration. A successfu...

7.5CVSS6.2AI score0.00573EPSS
Exploits0References7
OSV
OSV
added 2023/02/13 6:15 p.m.3 views

CVE-2023-22854

The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive information...

7.5CVSS7.2AI score0.006EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/13 12:0 a.m.25 views

CVE-2023-22854

The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive information...

7.7AI score0.006EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/08/13 3:35 p.m.25 views

CVE-2021-3352

The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an unauthenticated attacker to access view and modify user data without authorization due to improper handling of tokens...

9.4AI score0.0104EPSS
Exploits0References2
CVE
CVE
added 2021/08/13 3:35 p.m.68 views

CVE-2021-3352

The Mitel MiContact Center Business Software Development Kit (SDK) is affected, specifically versions 8.0.0.0–8.1.4.1 and 9.0.0.0–9.3.1.0. The root cause is improper handling of tokens in the SDK, which can allow an unauthenticated attacker to view and modify user data without authorization. This...

9.1CVSS9.1AI score0.0104EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2020/12/18 12:0 a.m.8 views

Mitel MiContact Center Business 信息泄露漏洞

Mitel MiContact Center Business is an all-media contact center platform from Mitel Canada. The platform is used for customer communication, production management and other scenarios. A security vulnerability exists in Mitel MiContact Center Business prior to version 9.3.0.0, which can be exploite...

3.3CVSS5.8AI score0.00272EPSS
Exploits0References2
NVD
NVD
added 2020/09/25 4:23 a.m.21 views

CVE-2020-24692

The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session...

7.1CVSS0.00419EPSS
Exploits0References2
CVE
CVE
added 2020/09/25 3:43 a.m.66 views

CVE-2020-24692

CVE-2020-24692 affects the Ignite portal in Mitel MiContact Center Business prior to 9.3.0.0. The issue is insufficient input validation allowing cross-site scripting (XSS), which could let an attacker execute arbitrary scripts and potentially gain access to a user session. The description and co...

7.1CVSS7.2AI score0.00419EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/09/25 3:43 a.m.24 views

CVE-2020-24692

The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session...

7.3AI score0.00419EPSS
Exploits0References2
NVD
NVD
added 2020/02/25 7:15 p.m.23 views

CVE-2020-9379

The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information. A successful exploit could allow unauthorized access to user conversations...

6.5CVSS6.3AI score0.00924EPSS
Exploits0References2
Prion
Prion
added 2020/02/25 7:15 p.m.15 views

Design/Logic Flaw

The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information. A successful exploit could allow unauthorized access to user conversations...

4CVSS6.3AI score0.00924EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder