4 matches found
CVE-2018-15891
An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name...
FreePBX < 13.0.122.43, < 14.0.18.34 XSS Vulnerability
FreePBX is prone to a stored cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2018-15891
The CVE-2018-15891 issue affects FreePBX core prior to 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request to add Asterisk modules, an attacker can store JavaScript commands in a module name, enabling stored cross-site scripting. Connected sources corroborate the same description across...
CVE-2018-15891
An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name...