CVE-2025-27827 – Mitel MiContact Center Business Session Data Information Disclosure

June 24, 2025

CVE ID : CVE-2025-27827

Published : June 24, 2025, 2:15 p.m. | 23 minutes ago

Description : A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.2.0.3 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper handling of session data. A successful exploit requires user interaction and could allow an attacker to access sensitive information, leading to unauthorized access to active chat rooms, reading chat data, and sending messages during an active chat session.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-27828 – Mitel MiContact Center Business Reflected Cross-Site Scripting Vulnerability

Next Article CVE-2025-6566 – Oatpp Oat++ JSON DeserializeArray Stack-Based Buffer Overflow Vulnerability

Highlights

CVE-2025-3963 – Withstars Books-Management-System Background Interface Remote Authorization Bypass Vulnerability

April 27, 2025

CVE ID : CVE-2025-3963

Published : April 27, 2025, 8:15 a.m. | 3 hours, 52 minutes ago

Description : A vulnerability, which was classified as critical, has been found in withstars Books-Management-System 1.0. This issue affects some unknown processing of the file /admin/article/list of the component Background Interface. The manipulation leads to missing authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Across the 4th Dimension

Cursor vs GitHub Copilot (2025): Which AI Platform Wins for Your Node.js Dev Team?

NuGet adds support for Trusted Publishing

AWS launches IDE extension for building browser automation agents

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

DistroWatch Weekly, Issue 1140

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

IDC ServiceScape for Microsoft Power Apps Low-Code/No-Code Custom Application Development Services

A Stream-Oriented UI library for interactive web applications

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

CVE-2025-27827 – Mitel MiContact Center Business Session Data Information Disclosure

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-3969 – Codeprojects News Publishing Site Dashboard Remote File Upload Vulnerability

CVE-2025-4462 – TOTOLINK N150RT Buffer Overflow Vulnerability

CVE-2025-50251 – Makeplane Plane SSRF Vulnerability

Designing User-Centric Forms: 4 Great Form Examples

CVE-2025-3963 – Withstars Books-Management-System Background Interface Remote Authorization Bypass Vulnerability

Nintendo Switch 2 preorders delayed in US due to tariffs, expect similar problems for future Xbox hardware

AI-driven deception: A new face of corporate fraud

WasIstLos – unofficial WhatsApp desktop application

CVE-2025-27827 – Mitel MiContact Center Business Session Data Information Disclosure

Related Posts