3 matches found
CVE-2020-12679
A reflected cross-site scripting XSS vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote attackers to inject arbitrary JavaScript and HTML via the PATHINFO to home.php...
CVE-2020-12679
CVE-2020-12679: A reflected XSS in Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote injection of JavaScript/HTML via PATH_INFO to home.php. Connected sources corroborate the same vulnerability across NVD/Red Hat/CNVD entries, with no public evid...
CVE-2020-12679
A reflected cross-site scripting XSS vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote attackers to inject arbitrary JavaScript and HTML via the PATHINFO to home.php...