Security Advisory

CVE-2025-67823

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-15 00:00:00

Last updated 2026-01-16 15:02:06

Assigner mitre

State PUBLISHED

Description

A vulnerability in the Multimedia Email component of Mitel MiContact Center Business through 10.2.0.10 and Mitel CX through 1.1.0.1 could allow an unauthenticated attacker to conduct a Cross-Site Scripting (XSS) attack due to insufficient input validation. A successful exploit requires user interaction where the email channel is enabled. This could allow an attacker to execute arbitrary scripts in the victims browser or desktop client application.

← Browse all CVEs View on cve.org ↗