The AWV component of Mitel MiCollab before 9.2 could allow an attacker to view system information by sending arbitrary code due to improper input validation, aka XSS.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25606
Reference (s):
- https://www.mitel.com/support/security-advisories