Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the 1 From, 2 To, 3 Call-ID, 4 User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by...