2 matches found
CVE-2021-27402
Mitel MiCollab’s SAS Admin portal before 9.2 FP2 is affected by a directory traversal vulnerability allowing an unauthenticated attacker to view and modify user data through improper URL validation. Affected: MiCollab versions prior to 9.2 FP2. Root cause: improper validation enabling arbitrary d...
CVE-2021-27402
The SAS Admin portal of Mitel MiCollab before 9.2 FP2 could allow an unauthenticated attacker to access view and modify user data by injecting arbitrary directory paths due to improper URL validation, aka Directory Traversal...