Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2021-27401

The Join Meeting page of Mitel MiCollab Web Client before 9.2 FP2 could allow an attacker to access (view and modify) user data by executing arbitrary code due to insufficient input validation, aka Cross-Site Scripting (XSS).

  • Published: Aug 13, 2021
  • Updated: Apr 14, 2023
  • CVE: CVE-2021-27401
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.1
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
mitel / micollab - 9.2
mitel / micollab 9.2-fp1 9.2-fp1.x
mitel / micollab 9.2 9.2.x