Vulnerabilities > Mitel > Micontact Center Business > High

DATE CVE VULNERABILITY TITLE RISK
2023-02-13 CVE-2023-22854 Unspecified vulnerability in Mitel Micontact Center Business
The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL parameters.
network
low complexity
mitel
7.5
2020-09-25 CVE-2020-24692 Improper Input Validation vulnerability in Mitel Micontact Center Business
The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS.
local
low complexity
mitel CWE-20
7.1