Security Advisory – Critical XSS Vulnerability in Mitel MiContact Center Business

A critical stored cross-site scripting (XSS) vulnerability was identified in the Ignite component of Mitel MiContact Center Business, disclosed in Mitel Product Security Advisory 24-0011. This vulnerability could allow attackers to execute arbitrary scripts on affected versions, specifically version 10.0.0.4 and earlier, impacting deployments using the Legacy Chat component. Mitel has rated this vulnerability as critical and advises updating to the latest software releases to mitigate risks. The advisory was published on April 24, 2024.

For more details, visit the Mitel Security Advisory.