ShoreTel Conferencing 19.46.1802.0 Cross Site Scripting

ShoreTel Conferencing version 19.46.1802.0 suffers from a cross site scripting vulnerability.

MD5 | 2f5b884078ccb6aa0728f24e32a5bea8

# Exploit Title: ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting
# Date: 11/8/2020
# Exploit Author: Joe Helle
# Vendor Homepage:
# Version: 19.46.1802.0
# Tested on: Linux
# CVE: 2020-28351


The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could
allow an unauthenticated attacker to conduct a reflected cross-site
scripting attack (XSS) via the PATH_INFO to index.php, due to insufficient
validation for the time_zone object in the HOME_MEETING& page.

Vulnerable payload

Vulnerability is in the HOME_MEETINGS& page, where a time_zone dropdown
object is located. Upon executing the payload, the exploit executes when
the mouse is rolled over the dropdown menu object.

Related Posts