2 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in FreePBX 2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 context parameter to panel/indexamp.php or 2 panel/dhtml/index.php; 3 clid or 4 clidname parameters to panel/flash/mypage.php; 5 PATHINFO to...
CVE-2012-4870
Multiple cross-site scripting XSS vulnerabilities in FreePBX 2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 context parameter to panel/indexamp.php or 2 panel/dhtml/index.php; 3 clid or 4 clidname parameters to panel/flash/mypage.php; 5 PATHINFO to...