3 matches found
CVE-2018-11552
There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON-Auto-Dialer-Agents-Name" field. The vulnerability exists due to insufficient filtration of user-supplied data. A remote attacker can execute arbitrary HTML and script code in a browser in the context of the vulnerable applicati...
CVE-2018-11552
AXON PBX 2.02 contains a reflected XSS in the Name field under AXON→Auto-Dialer→Agents. The issue stems from insufficient filtering of user-supplied data, allowing a remote attacker to execute arbitrary HTML/script in the victim’s browser. Multiple connected sources (NVD/CNVD/packetstorm referenc...
AXON PBX 2.02 Cross Site Scripting
Aloha, 1. Introduction Vendor: NCH Software Affected Product: AXON PBX - 2.02 Vendor Website: http://www.nch.com.au/pbx/index.html Vulnerability Type: Reflected XSS Remote Exploitable: Yes CVE ID: CVE-2018-11552 2. Overview There is a reflected XSS vulnerability in AXON PBX Web interface. The...