CVE-2024-30157

A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to...

CVE-2024-47223

A vulnerability in the AWV Audio, Web and Video Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 9.8.1.201 could allow an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access...

Vulnerability fixed in Mitel MiCollab and MiVoice Business Express

A vulnerability has been fixed in Mitel MiCollab and MiVoice Business Express. The vulnerability allows an unauthenticated remote malicious party to perform attacks that lead to the following categories of damage Denial-of-Service DoS. Remote code execution User Rights Access to sensitive data Th...

CVE-2021-27401

The Join Meeting page of Mitel MiCollab Web Client before 9.2 FP2 could allow an attacker to access view and modify user data by executing arbitrary code due to insufficient input validation, aka Cross-Site Scripting XSS...