Lucene search
PRIOn knowledge basePRION:CVE-2020-28351HistoryNov 09, 2020 - 4:15 a.m.
Cross site scripting
2020-11-0904:15:00
PRIOn knowledge base
www.prio-n.com
0.004 Low
EPSS
Percentile
72.3%
The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack (via the PATH_INFO to index.php) due to insufficient validation for the time_zone object in the HOME_MEETING& page.
| CPE | Name | Operator | Version |
|---|---|---|---|
| shoretel_firmware | eq | 19.46.1802.0 |
Related
nuclei
nuclei
Mitel ShoreTel 19.46.1802.0 Devices - Cross-Site Scripting
2021-09-15 06:13:50
githubexploit
githubexploit
Exploit for Cross-site Scripting in Mitel Shoretel Firmware
2020-11-06 18:49:47
nvd
nvd
CVE-2020-28351
2020-11-09 04:15:12
packetstorm
packetstorm
ShoreTel Conferencing 19.46.1802.0 Cross Site Scripting
2020-11-10 00:00:00
cvelist
cvelist
CVE-2020-28351
2020-11-09 03:58:36
cve
cve
CVE-2020-28351
2020-11-09 04:15:12
exploitdb
exploitdb
ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting
2020-11-10 00:00:00