A remote code execution vulnerability in Mitel MiVoice Connect Client prior to 214.100.1223.0 could allow an malicious user to execute arbitrary code in the chat notification window, due to improper rendering of chat messages. A successful exploit could allow an malicious user to steal session cookies, perform directory traversal, and execute arbitrary scripts in the context of the Connect client.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mitel mivoice connect |