10 matches found
CVE-2025-69606
Cross-Site Scripting XSS vulnerability was discovered in the GSVoIP web panel version 2.0.90. The msg parameter in the /painel/gateways.php/error endpoint does not properly sanitize user-supplied input, allowing attackers to inject arbitrary JavaScript into the HTML response. A remote attacker ca...
CVE-2025-69606
Cross-Site Scripting XSS vulnerability was discovered in the GSVoIP web panel version 2.0.90. The msg parameter in the /painel/gateways.php/error endpoint does not properly sanitize user-supplied input, allowing attackers to inject arbitrary JavaScript into the HTML response. A remote attacker ca...
CVE-2025-69606
Cross-Site Scripting XSS vulnerability was discovered in the GSVoIP web panel version 2.0.90. The msg parameter in the /painel/gateways.php/error endpoint does not properly sanitize user-supplied input, allowing attackers to inject arbitrary JavaScript into the HTML response. A remote attacker ca...
CVE-2025-69606
GSVoIP Web Panel 2.0.90 is affected by an XSS in the msg parameter of /painel/gateways.php/error, where user input is not properly sanitized. Root cause: lack of input validation/encoding allows arbitrary JavaScript in HTML response, enabling client-side attacks (e.g., script execution, session h...
PT-2026-36527
Name of the Vulnerable Software and Affected Versions GSVoIP web panel version 2.0.90 Description A Cross-Site Scripting XSS issue exists where the /painel/gateways.php/error endpoint fails to properly sanitize user-supplied input in the msg parameter. This allows a remote attacker to inject...
CVE-2025-69606
Cross-Site Scripting XSS vulnerability was discovered in the GSVoIP web panel version 2.0.90. The msg parameter in the /painel/gateways.php/error endpoint does not properly sanitize user-supplied input, allowing attackers to inject arbitrary JavaScript into the HTML response. A remote attacker ca...
Solutions VoIP GSVoIP web panel 跨站脚本漏洞
Solutions VoIP GSVoIP web panel is a VoIP management interface from Solutions VoIP. A cross-site scripting vulnerability in the Solutions VoIP GSVoIP web panel version 2.0.90, which stems from improperly cleaned user input for the msg parameter in the /painel/gateways.php/error endpoint, could le...
EUVD-2025-209607
Cross-Site Scripting XSS vulnerability was discovered in the GSVoIP web panel version 2.0.90. The msg parameter in the /painel/gateways.php/error endpoint does not properly sanitize user-supplied input, allowing attackers to inject arbitrary JavaScript into the HTML response. A remote attacker ca...
CVE-2025-69606
Cross-Site Scripting XSS vulnerability was discovered in the GSVoIP web panel version 2.0.90. The msg parameter in the /painel/gateways.php/error endpoint does not properly sanitize user-supplied input, allowing attackers to inject arbitrary JavaScript into the HTML response. A remote attacker ca...
Exploit for CVE-2025-69606
CVE-2025-69606 — Reflected XSS in GSVoIP Web Panel Severi...