Medium severity6.1NVD Advisory· Published May 24, 2023· Updated Jun 17, 2026
CVE-2023-25598
CVE-2023-25598
Description
A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2 and 20.x, 21.x, and 22.x through 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the home.php page. A successful exploit could allow an attacker to execute arbitrary scripts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Mitel/MiVoice Connectdescription
- Range: <=19.3 SP2, <=20.x, <=21.x, <=22.24.1500.0
Patches
Vulnerability mechanics
References
2- www.mitel.com/support/security-advisoriesnvdVendor Advisory
- www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0003nvdVendor Advisory
News mentions
0No linked articles in our index yet.