The SAS Admin portal of Mitel MiCollab prior to 9.2 FP2 could allow an unauthenticated malicious user to access (view and modify) user data by injecting arbitrary directory paths due to improper URL validation, aka Directory Traversal.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mitel micollab |
||
mitel micollab 9.2 |