AI Score
Confidence
High
EPSS
Percentile
37.9%
VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance’s administrator account via a malicious link. This is possible because the application is vulnerable to XSS.
fluidattacks.com/advisories/smith/
vitalpbx.com/