Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24592
Reference (s):
- https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0010
- https://www.mitel.com/support/security-advisories