Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-0486
HistoryApr 04, 2023 - 11:15 p.m.

Cross site scripting

2023-04-0423:15:00
PRIOn knowledge base
www.prio-n.com
5
cross site scripting
vitalpbx
version 3.2.3-8
unauthenticated attacker
administrator account
malicious link
nvd

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.0%

VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance’s administrator account via a malicious link. This is possible because the application is vulnerable to XSS.

CPENameOperatorVersion
vitalpbxeq3.2.3 r8

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.0%

Related for PRION:CVE-2023-0486