4 matches found
CVE-2019-19552
In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the user management screen of the Administrator web site, i.e., the/admin/config.php?display=userman URI. An attacker with sufficient privileges can edit the Display Name of a user and embed malicious XSS code. When another...
CVE-2019-19552
creationtimestamp| type| source ---|---|--- 2024-03-07 20:41:40+00:00| seen| https://t.me/ctinow/202758...
CVE-2019-19552
In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the user management screen of the Administrator web site, i.e., the/admin/config.php?display=userman URI. An attacker with sufficient privileges can edit the Display Name of a user and embed malicious XSS code. When another...
CVE-2019-19552
In CVE-2019-19552, the affected software is Sangoma FreePBX FreePBX Userman, version range 13.0.76.43 through 15.0.20, where an XSS vulnerability exists in the Administrator web UI at /admin/config.php?display=userman. The root cause is a stored/reflected XSS in the User Management screen that al...