CVE-2020-24692

The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session.

Source: CVE-2020-24692

CVE-2018-10585

Pexip Infinity before 18 allows remote Denial of Service (XML parsing).

Source: CVE-2018-10585

CVE-2020-11805

Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN.

Source: CVE-2020-11805

CVE-2019-7178

Pexip Infinity before 20.1 allows privilege escalation by restoring a system backup.

Source: CVE-2019-7178

CVE-2020-23837

A Cross-Site Request Forgery (CSRF) vulnerability in the Multi User plugin 1.8.2 for GetSimple CMS allows remote attackers to add admin (or other) users after an authenticated admin visits a third-party site or clicks on a URL.

Source: CVE-2020-23837

CVE-2019-7177

Pexip Infinity before 20.1 allows Code Injection onto nodes via an admin.

Source: CVE-2019-7177

CVE-2018-10432

Pexip Infinity before 18 allows Remote Denial of Service (TLS handshakes in RTMP).

Source: CVE-2018-10432

CVE-2020-13387

Pexip Infinity before 23.4 has a lack of input validation, leading to temporary denial of service via H.323.

Source: CVE-2020-13387

CVE-2020-12824

Pexip Infinity 23.x before 23.3 has improper input validation, leading to a temporary software abort via RTP.

Source: CVE-2020-12824

CVE-2017-17477

Pexip Infinity before 17 allows an unauthenticated remote attacker to achieve stored XSS via management web interface views.

Source: CVE-2017-17477