CVE-2020-12679 vulnerability in Mitel Products
Published on May 7, 2020

A reflected cross-site scripting (XSS) vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote attackers to inject arbitrary JavaScript and HTML via the PATH_INFO to home.php.

NVD

Products Associated with CVE-2020-12679

stack.watch emails you whenever new vulnerabilities are published in Mitel Mivoice Connect or Mitel Shoretel Conference Web. Just hit a watch button to start following.

Mitel Mivoice Connect

Mitel Shoretel Conference Web

Exploit Probability

EPSS

0.22%

Percentile

44.52%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-12679 vulnerability in Mitel ProductsPublished on May 7, 2020

Products Associated with CVE-2020-12679

Exploit Probability

CVE-2020-12679 vulnerability in Mitel Products
Published on May 7, 2020