2 matches found
CVE-2023-37189
A stored cross site scripting XSS vulnerability in index.php?menu=billingrates of Issabel PBX version 4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Name or Prefix fields under the Create New Rate module...
CVE-2023-37189
CVE-2023-37189 affects Issabel PBX v4, where a stored XSS exists in index.php?menu=billing_rates via crafted payloads in Name or Prefix under Create New Rate. The underlying issue allows execution of arbitrary web scripts/HTML in authenticated contexts. Public details consistently describe the vu...