Reflected XSS Vulnerability in ShoreTel Connect ONSITE

Reflected XSS Vulnerability in ShoreTel Connect ONSITE

CVE-2019-9591 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Connect ONSITE before 19.49.1500.0 allows remote attackers to inject arbitrary web script or HTML via the brandUrl parameter.

Learn more about our Web App Pen Testing.