Home

CVE-2021-27401

Description

The Join Meeting page of Mitel MiCollab Web Client before 9.2 FP2 could allow an attacker to access (view and modify) user data by executing arbitrary code due to insufficient input validation, aka Cross-Site Scripting (XSS).

Risk Information

Base Score
6.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.275

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in MiCollab 9.1.3Windows
Multiple Vulnerabilities are affected in MiCollab 9.2Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-346722MiCollab (10.0.105)
PATCH-346722MiCollab (10.0.105)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234