Lucene search

[email protected]CVE-2019-16991

HistoryOct 21, 2019 - 4:15 p.m.

CVE-2019-16991

2019-10-2116:15:18

CWE-79

[email protected]

web.nvd.nist.gov

fusionpbx

v4.5.7

url

reflected xss

security vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.3%

JSON

In FusionPBX up to v4.5.7, the file app\edit\filedelete.php uses an unsanitized “file” variable coming from the URL, which is reflected in HTML, leading to XSS.

Affected configurations

NVD

Node

fusionpbxfusionpbxRange≤4.5.7

CPENameOperatorVersion
fusionpbx:fusionpbxfusionpbxle4.5.7

CPE	Name	Operator	Version
fusionpbx:fusionpbx	fusionpbx	le	4.5.7

References

github.com/fusionpbx/fusionpbx/commit/cd4632b46c62855f7e1c1c93d20ffd64edcb476e

resp3ctblog.wordpress.com/2019/10/19/fusionpbx-xss-20/

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.3%

JSON

Related for CVE-2019-16991

nvd1 prion1 cvelist1