Mitel Product Security Advisory 16-0012

XSS Vulnerability in MiCollab AWV

Advisory ID: 16-0012
Publish Date: 2016-06-03
Revision: 1.0
Summary

A Cross-Site Scripting (XSS) Vulnerability was identified in MiCollab AWV.

Credit is given to Andrew Tierney, of Pen Test Partners, for the discovery and working with Mitel under coordinated disclosure.

Detailed Description

The identified vulnerability would allow an attacker to inject malicious scripts into a specific web page which would then be unknowingly executed by other users (potential victims) when vising the page.

Affected Products

The following products have been identified as being affected and vulnerable (updated 2016-06-03):

Product Name

Product Versions

Security Bulletin

Last Updated

MiCollab AWV

6.x, 5.x

16-0012-001

2016-06-03

External References

n/a

Related CVEs

n/a

First Name

Last Name

Email Address

Relationship to Mitel

By providing the above information, you agree that we may process your personal data in accordance with our Privacy Policy.

Do you agree to the terms and conditions of using our services?

Why MItel

Products & Services

Partners

Customers

Resources

Industries We Serve

Business Size

Business Need

Products

Services

Partnering with Mitel

Partner Support

Partner Training

Mitel Solutions Alliance

CloudLink Developers

CLIMB

Customer Resources

Expanding Capabilities

Careers

Press Releases

Technical Document Center

Security Advisories

Blog

Resource Center

Healthcare

Financial Services

Government

Hospitality

Whether you are a big hotel in a bustling city square or a series of cottages by a peaceful lake, having flexible and secure communications and collaboration tools are at the heart of the positive experience so crucial to your business.

Education

Business Phone Systems

Collaboration and Meetings

Contact Center

Phones and Accessories

Mission Critical and Vertical Solutions

By Lifecycle Phase

Featured

XSS Vulnerability in MiCollab AWV

Stay One Step Ahead

Ready to talk to sales? Contact us.