Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:57 a.m.10 views

CVE-2020-12679

A reflected cross-site scripting XSS vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote attackers to inject arbitrary JavaScript and HTML via the PATHINFO to home.php...

6.1CVSS5.7AI score0.00773EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-4975

Malware in sbrugna...

6.1CVSS6.3AI score0.00773EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-20812

Malware in sbrugna...

6.1CVSS6.3AI score0.15987EPSS
Exploits3References5
RedhatCVE
RedhatCVE
added 2025/05/22 4:17 p.m.27 views

CVE-2020-28351

The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack via the PATHINFO to index.php due to insufficient validation for the timezone object in the HOMEMEETING& page...

6.1CVSS6AI score0.15987EPSS
Exploits3
CNVD
CNVD
added 2020/11/12 12:0 a.m.2 views

Mitel ShoreTel conferencing component cross-site scripting vulnerability

Mitel Connect Mitel ShoreTel is a software for office communication from Mitel Canada. The software provides access to corporate contacts, support for selecting contacts to open meetings, and an interface to manage calls and voicemail. A cross-site scripting vulnerability exists in the conferenci...

6.1CVSS6AI score0.15987EPSS
Exploits3References1
Packet Storm
Packet Storm
added 2020/11/10 12:0 a.m.356 views

ShoreTel Conferencing 19.46.1802.0 Cross Site Scripting

Exploit Title: ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting Date: 11/8/2020 Exploit Author: Joe Helle Vendor Homepage: https://www.mitel.com/articles/what-happened-shoretel-products Version: 19.46.1802.0 Tested on: Linux CVE: 2020-28351 PoC: The conferencing component on...

6.4AI score0.15987EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/11/10 12:0 a.m.324 views

ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting

Exploit Title: ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting Date: 11/8/2020 Exploit Author: Joe Helle Vendor Homepage: https://www.mitel.com/articles/what-happened-shoretel-products Version: 19.46.1802.0 Tested on: Linux CVE: 2020-28351 PoC: The conferencing component on...

6.1CVSS6.3AI score0.15987EPSS
Exploits3
NVD
NVD
added 2020/11/09 4:15 a.m.21 views

CVE-2020-28351

The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack via the PATHINFO to index.php due to insufficient validation for the timezone object in the HOMEMEETING& page...

6.1CVSS6.1AI score0.15987EPSS
Exploits3References3
Cvelist
Cvelist
added 2020/11/09 3:58 a.m.27 views

CVE-2020-28351

The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack via the PATHINFO to index.php due to insufficient validation for the timezone object in the HOMEMEETING& page...

6.1AI score0.15987EPSS
Exploits3References3
CNVD
CNVD
added 2020/05/08 12:0 a.m.3 views

Mitel Networks ShoreTel Conference Cross-Site Scripting Vulnerability

Mitel Networks ShoreTel Conference is a suite of teleconferencing solutions from Mitel Networks Canada. A cross-site scripting vulnerability exists in the home.php file in Mitel Networks ShoreTel Conference version 19.50.1000.0. A remote attacker can exploit this vulnerability to inject arbitrary...

6.1CVSS6.2AI score0.00773EPSS
Exploits0References1
NVD
NVD
added 2020/05/07 5:15 p.m.14 views

CVE-2020-12679

A reflected cross-site scripting XSS vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote attackers to inject arbitrary JavaScript and HTML via the PATHINFO to home.php...

6.1CVSS6AI score0.00773EPSS
Exploits0References1
Prion
Prion
added 2020/05/07 5:15 p.m.17 views

Cross site scripting

A reflected cross-site scripting XSS vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote attackers to inject arbitrary JavaScript and HTML via the PATHINFO to home.php...

4.3CVSS5.9AI score0.00773EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2020/05/07 4:36 p.m.45 views

CVE-2020-12679

CVE-2020-12679: A reflected XSS in Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote injection of JavaScript/HTML via PATH_INFO to home.php. Connected sources corroborate the same vulnerability across NVD/Red Hat/CNVD entries, with no public evid...

6.1CVSS5.9AI score0.00773EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/05/07 4:36 p.m.25 views

CVE-2020-12679

A reflected cross-site scripting XSS vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote attackers to inject arbitrary JavaScript and HTML via the PATHINFO to home.php...

6AI score0.00773EPSS
Exploits0References1
Rows per page
Query Builder