A vulnerability in the conferencing component of Mitel ST 14.2, release GA28 and earlier, could allow an authenticated user to upload a malicious script to the Personal Library by a crafted POST request. Successful exploit could allow an attacker to execute arbitrary code within the context of the application.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-03-13T19:00:00
Updated: 2018-09-07T17:57:02
Reserved: 2017-10-31T00:00:00
Link: CVE-2017-16251
JSON object: View
NVD Information
Status : Modified
Published: 2018-03-13T19:29:00.280
Modified: 2018-09-07T18:29:00.450
Link: CVE-2017-16251
JSON object: View
Redhat Information
No data.
CWE