Vulnerabilities > Avaya > IP Office > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-04 | CVE-2020-7030 | Information Exposure vulnerability in Avaya IP Office A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. | 5.5 |
| 2019-01-23 | CVE-2018-15614 | Cross-site Scripting vulnerability in Avaya IP Office 10.0/10.1/11.0 A vulnerability in the one-x Portal component of IP Office could allow an authenticated user to perform stored cross site scripting attacks via fields in the Conference Scheduler Service that could affect other application users. | 5.4 |