Allworx Server Manager 6x / 6x12 / 48x Cross Site Scripting Vulnerability

Allworx Server Manager versions 6x, 6x12, and 48x suffer from multiple cross site scripting vulnerabilities. Allworx Server Manager Multiple Cross-Site Scripting Vulnerabilities history.pushState'', '', '/' ::: default.asp ::: input type="hidden" name="Tab" v...

Allworx Server Manager Multiple Cross-Site Scripting Vulnerabilities

Summary The Allworx phone system enables users to manage voicemails in the Allworx Message Center and customize the personal phone system configurations using My Allworx Manager. Description Allworx server manager interface suffers from multiple reflected XSS vulnerabilities when input passed via...