Mitel MiContact Center Business Reflected Cross-Site Scripting Vulnerability

Vulnerability

A reflected cross-site scripting vulnerability has been identified in the legacy chat component of Mitel MiContact Center Business, affecting versions through 10.0.0.4, 10.1.0.0 through 10.1.0.5, and 10.2.0.0 through 10.2.0.4. This vulnerability allows an unauthenticated attacker to conduct a reflected XSS attack due to insufficient input validation. Exploitation requires user interaction and could enable the execution of arbitrary scripts, with a limited impact on confidentiality and integrity.

Impact

Successful exploitation results in reflected cross-site scripting: the attacker's script executes in the context of the user's browser session.

Remediation

Users are advised to upgrade to MiContact Center Business version 10.2.0.5 or later. Hotfixes KB571322, KB571372, and KB571320 are also available for versions 10.1.0.5, 10.0.0.4, and 9.5.0.3, respectively. For more information, consult the Mitel Knowledge Base article SO8420 or contact a Mitel Authorized Partner.

Added: Jun 24, 2025, 2:18 PM
Updated: Jun 24, 2025, 3:33 PM

Vulnerability Rating

Custom Algorithm

spread: 3.1
impact: 1.7
exploitability: 6.4
remediation: 8.3
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.