3CX Cross-Site Scripting Vulnerability (CNVD-2018-17519)
3CX is an IP telephony device from 3CX USA. A cross-site scripting vulnerability exists in the 'propertyPath' parameter of the stack trace of the web server in version 15.5.8801.3 of 3CX. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...