Cross site scripting

There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON-Auto-Dialer-Agents-Name" field. The vulnerability exists due to insufficient filtration of user-supplied data. A remote attacker can execute arbitrary HTML and script code in a browser in the context of the vulnerable applicati...

CVE-2018-11552

There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON-Auto-Dialer-Agents-Name" field. The vulnerability exists due to insufficient filtration of user-supplied data. A remote attacker can execute arbitrary HTML and script code in a browser in the context of the vulnerable applicati...

CVE-2018-11552

AXON PBX 2.02 contains a reflected XSS in the Name field under AXON→Auto-Dialer→Agents. The issue stems from insufficient filtering of user-supplied data, allowing a remote attacker to execute arbitrary HTML/script in the victim’s browser. Multiple connected sources (NVD/CNVD/packetstorm referenc...

AXON PBX 2.02 Cross Site Scripting

Aloha, 1. Introduction Vendor: NCH Software Affected Product: AXON PBX - 2.02 Vendor Website: http://www.nch.com.au/pbx/index.html Vulnerability Type: Reflected XSS Remote Exploitable: Yes CVE ID: CVE-2018-11552 2. Overview There is a reflected XSS vulnerability in AXON PBX Web interface. The...

Android Auto Dialer Vulnerability

Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. There is a security vulnerability in Android Auto Dialer. The vulnerability arises because the system-level Intent mechanism "android.intent.action.CALL" defined in...