CVE-2019-16967
The CVE affects FreePBX Manager: versions 13.x before 13.0.2.6 and 15.x before 15.0.6 (prior to FreePBX 14.0.10.3). The vulnerability is a reflected XSS in the Manager module form (html/admin/modules/manager/views/form.php) due to an unsanitized managerdisplay value from the URL, exposed via GET ...