Advisory ID: MISA-2025-0010 - Identifies the unique identifier for this security advisory. Publish Date: 2025-12-10 - Indicates when the advisory was first published. Last Updated: 2026-01-05 - Shows the most recent update to the advisory. Revision: 2.0 - Indicates the version of the advisory. Summary: - A cross-site scripting (XSS) vulnerability in the Ignite Mail component of MiContact Center Business and Mitel CX allows an attacker to execute arbitrary scripts due to insufficient input validation. Vulnerability Severity: - Rated as high, with specific CVE IDs and CVSS scores provided for MiContact Center Business and Mitel CX. Affected Products and Solutions: - Lists the impacted products (MiContact Center Business and Mitel CX), versions affected, and the available solutions/hotfixes. Solution/Recommended Action: - Recommends upgrading to specific versions and applying the provided hotfixes. Related CVEs/CWEs/Advisories: - Links this advisory to related Common Vulnerabilities and Exposures. Revision History: - Tracks changes to the advisory over time. Publisher and Legal Disclaimer: - Information on the publisher, Mitel PSIRT, and legal terms regarding the advisory.