2 matches found
CVE-2021-43695
issabelPBX version 2.11 is affected by a Cross Site Scripting XSS vulnerability. In file page.backuprestore.php, the exit function will terminate the script and print the message to the user. The message will contain $REQUEST without sanitization, then there is a XSS vulnerability...
CVE-2021-43695
Summary: CVE-2021-43695 affects issabelPBX 2.11. The vulnerability exists in page.backup_restore.php where the exit function prints a message containing unsanitized $_REQUEST, enabling a reflected XSS. The available documents do not specify a patch or workaround. The issue is confirmed across mul...