Mitel Product Security Advisory 16-0012

XSS Vulnerability in MiCollab AWV

Advisory ID: 16-0012
Publish Date: 2016-06-03
Revision: 1.0
Summary

A Cross-Site Scripting (XSS) Vulnerability was identified in MiCollab AWV.

Credit is given to Andrew Tierney, of Pen Test Partners, for the discovery and working with Mitel under coordinated disclosure.

Detailed Description

The identified vulnerability would allow an attacker to inject malicious scripts into a specific web page which would then be unknowingly executed by other users (potential victims) when vising the page.

Affected Products

The following products have been identified as being affected and vulnerable (updated 2016-06-03):

Product Name

Product Versions

Security Bulletin

Last Updated

MiCollab AWV

6.x, 5.x

16-0012-001

2016-06-03

External References

n/a

Related CVEs

n/a

First Name

Last Name

Email Address

Relationship to Mitel

By providing the above information, you agree that we may process your personal data in accordance with our Privacy Policy.

Do you agree to the terms and conditions of using our services?

Search

Select your Region/Country/Language

Americas

Europe

Oceania

XSS Vulnerability in MiCollab AWV

Stay One Step Ahead

Ready to talk to sales? Contact us.