22 matches found
CVE-2025-67823
A vulnerability in the Multimedia Email component of Mitel MiContact Center Business through 10.2.0.10 and Mitel CX through 1.1.0.1 could allow an unauthenticated attacker to conduct a Cross-Site Scripting XSS attack due to insufficient input validation. A successful exploit requires user...
PT-2026-3136
Name of the Vulnerable Software and Affected Versions Mitel MiContact Center Business versions through 10.2.0.10 Mitel CX versions through 1.1.0.1 Description A flaw exists in the Multimedia Email component that could allow an unauthenticated attacker to perform a Cross-Site Scripting XSS attack...
Mitel MiContact Center Business has a security vulnerability
Mitel MiContact Center Business is a comprehensive platform offered by the Canadian company Mitel. Versions of Mitel MiContact Center Business 10.2.0.10 and earlier, as well as Mitel CX 1.1.0.1 and earlier versions, have security vulnerabilities. These vulnerabilities stem from insufficient input...
PT-2025-26737 · Mitel · Mitel Micontact Center Business
Name of the Vulnerable Software and Affected Versions: Mitel MiContact Center Business versions 10.0.0.0 through 10.0.0.4 Mitel MiContact Center Business versions 10.1.0.0 through 10.1.0.5 Mitel MiContact Center Business versions 10.2.0.0 through 10.2.0.4 Description: A vulnerability in the legac...
CVE-2024-42514
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4 could allow an unauthenticated attacker to conduct an unauthorized access attack due to inadequate access control checks. A successful exploit requires user interaction and could allow an attacker to...
Mitel MiContact Center Business 跨站脚本漏洞
Mitel MiContact Center Business is an all-media contact center platform from Canadian company Mitel. The platform is used in customer communication, production management and other scenarios. A cross-site scripting vulnerability exists in Mitel MiContact Center Business version 10.0.0.4, which is...
CVE-2024-28070
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient input validation. A successful exploit could allow an attacker to access sensitive...
CVE-2024-28069
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to access sensitive information and...
CVE-2024-28070
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient input validation. A successful exploit could allow an attacker to access sensitive...
PT-2024-22250 · Mitel · Mitel Micontact Center Business
Name of the Vulnerable Software and Affected Versions: Mitel MiContact Center Business versions through 10.0.0.4 Description: A vulnerability in the legacy chat component could allow an unauthenticated attacker to conduct an information disclosure attack due to improper configuration. A successfu...
CVE-2023-22854
The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive information...
CVE-2023-22854
The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive information...
CVE-2021-3352
The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an unauthenticated attacker to access view and modify user data without authorization due to improper handling of tokens...
CVE-2021-3352
The Mitel MiContact Center Business Software Development Kit (SDK) is affected, specifically versions 8.0.0.0–8.1.4.1 and 9.0.0.0–9.3.1.0. The root cause is improper handling of tokens in the SDK, which can allow an unauthenticated attacker to view and modify user data without authorization. This...
Mitel MiContact Center Business 信息泄露漏洞
Mitel MiContact Center Business is an all-media contact center platform from Mitel Canada. The platform is used for customer communication, production management and other scenarios. A security vulnerability exists in Mitel MiContact Center Business prior to version 9.3.0.0, which can be exploite...
CVE-2020-24692
The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session...
CVE-2020-24692
CVE-2020-24692 affects the Ignite portal in Mitel MiContact Center Business prior to 9.3.0.0. The issue is insufficient input validation allowing cross-site scripting (XSS), which could let an attacker execute arbitrary scripts and potentially gain access to a user session. The description and co...
CVE-2020-24692
The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session...
CVE-2020-9379
The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information. A successful exploit could allow unauthorized access to user conversations...
Design/Logic Flaw
The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information. A successful exploit could allow unauthorized access to user conversations...