2 matches found
CVE-2021-43403
An issue was discovered in FusionPBX before 4.5.30. The logviewer.php Log View page allows an authenticated user to choose an arbitrary filename for download i.e., not necessarily freeswitch.log in the intended directory...
PT-2021-20055 · Oracle · Oracle Glassfish Server
Name of the Vulnerable Software and Affected Versions: Oracle GlassFish Server versions 3.1.2.18 and below Description: The issue allows a malicious user to cause an administrator user to supply dangerous content to the vulnerable page, which is then reflected back to the user and executed by the...