A SQL injection vulnerability in the web conferencing component of Mitel MiCollab AWV prior to 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the session parameter. A successful exploit could allow an malicious user to extract sensitive information from the database and execute arbitrary scripts.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mitel micollab audio\\, web \\& video conferencing |