A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an unauthenticated attacker to gain access (view and modify) to user data.
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0016