CNNVD-202506-3085 Information
CNNVD ID
CNNVD-202506-3085
Related CVE
- CNNVD Published: 2025-06-24
Description (Chinese)
Mitel MiContact Center Business是加拿大敏迪(Mitel)公司的一款全媒体联络中心平台。该平台应用于客户沟通,生产管理等场景。 Mitel MiContact Center Business 10.0.0.4及之前版本、10.1.0.0至10.1.0.5版本和10.2.0.0至10.2.0.4版本存在安全漏洞,该漏洞源于遗留聊天组件输入验证不足,可能导致反射型跨站脚本攻击。
Description (English)
Mitel MiContact Center Business is a media focal point platform of the Canadian company Mitel. The platform should be used in client communication, production management, etc. There is a security loophole in Mitel MiContact Center Business 10.0.0.4 and previous versions, Versions 10.1.0.0 to 10.1.0.5 and Versions 10.2.0.0 to 10.2.0.4, which stems from inadequate input validation of legacy chat components, which may result in a cross-script attack.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
mitmproxy
Published
2025-06-24
Last Modified
2026-02-24
References
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0003 https://access.redhat.com/security/cve/cve-2025-27828
Patch
https://www.mitel.com/support/security-advisories
Share on: