3 matches found
CVE-2020-21053
Cross Site Scriptiong XSS vulnerability exists in FusionPBX 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via an unsanitized "querystring" variable in app\devices\deviceimports.php...
CVE-2020-21053
Cross Site Scriptiong XSS vulnerability exists in FusionPBX 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via an unsanitized "querystring" variable in app\devices\deviceimports.php...
CVE-2020-21053
FusionPBX 4.5.7 contains a Cross-Site Scripting (XSS) vulnerability in app\devices\device_imports.php via an unsanitized query_string variable. Several connected sources confirm the issue, describing that remote attackers can inject arbitrary web script or HTML through this parameter, leading to ...