Security Advisory – High Risk XSS Vulnerability in MiContact Center Business

Mitel’s Product Security Advisory 24-0012 reports a high-risk reflected cross-site scripting (XSS) vulnerability in the Legacy Chat component of MiContact Center Business (version and earlier). This vulnerability could allow malicious scripts to be executed by an attacker. Mitel recommends updating to the latest software release to mitigate this risk. The vulnerability was publicly disclosed on April 24, 2024, with credits to Teguh Darmawangsa for the discovery.

For more details, visit the Mitel Security Advisory.