CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-19370

A cross-site scripting (XSS) vulnerability in the web conferencing component of the Mitel MiCollab application before 9.0.15 for Android could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation in the file upload interface. A successful exploit could allow an attacker to execute arbitrary scripts.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 72.1%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://www.mitel.com/support/security-advisories
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-19-0008
https://www.mitel.com/support/security-advisories
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-19-0008

Products affected by CVE-2019-19370

Mitel » Micollab » Version: N/A

cpe:2.3:a:mitel:micollab:-
Mitel » Micollab » Version: 8.1.2.1

cpe:2.3:a:mitel:micollab:8.1.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-19370

Products

Pricing

Contact Us