Cross-Site Scripting Flaw in Mitel MiCloud Management Portal
CVE-2020-24594
9.6CRITICAL
What is CVE-2020-24594?
In Mitel's MiCloud Management Portal, versions before 6.1 SP5, an insufficient input validation vulnerability enables unauthenticated attackers to execute arbitrary scripts. By exploiting this flaw, attackers may gain access to user sessions, posing significant security risks to users of the platform. Organizations using the affected versions should promptly apply updates and review their security postures.