FusionPBX Cross-Site Scripting Vulnerability (CNVD-2019-43411)

FusionPBX is an open source enterprise IPPBX interface management system based on FreeSWITHC. A cross-site scripting vulnerability exists in app/dialplans/dialplans.php in FusionPBX 4.4.1. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the appuuid...

CVE-2019-19385

CVE-2019-19385 describes a cross-site scripting (XSS) vulnerability in FusionPBX 4.4.1, specifically in the file app/dialplans/dialplans.php. The issue allows remote attackers to inject arbitrary web script or HTML via the app_uuid parameter. The connected sources confirm the affected product/ver...

CVE-2019-19385

A cross-site scripting XSS vulnerability in app/dialplans/dialplans.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the appuuid parameter...

Fedora 12 : asterisk-1.6.1.17-1.fc12 (2010-3381)

Update to 1.6.1.17 AST-2010-003: Invalid parsing of ACL rules can compromise security AST-2010-002: This security release is intended to raise awareness of how it is possible to insert malicious strings into dialplans, and to advise developers to read the best practices documents so that they may...