Pbx Security Vulnerabilities and Issues — Pbx CVE List

Lucene search

IssabelPbx

5 matches found

CVE•added 2021/07/06 7:15 p.m.•56 views

CVE-2021-34190

A stored cross site scripting (XSS) vulnerability in index.php?menu=billing_rates of Issabel PBX version 4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Name" or "Prefix" fields under the "Create New Rate" module.

4.8CVSS5AI score0.00235EPSS

CVE•added 2023/07/11 2:15 a.m.•28 views

CVE-2023-37190

A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Virtual Fax Name and Caller ID Name parameters under the New Virtual Fax feature.

4.8CVSS4.9AI score0.00089EPSS

CVE•added 2023/07/11 1:15 a.m.•28 views

CVE-2023-37191

4.8CVSS4.9AI score0.0041EPSS

CVE•added 2023/07/13 9:15 p.m.•28 views

CVE-2023-37598

A Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function.

4.5CVSS4.9AI score0.00335EPSS

CVE•added 2023/07/11 2:15 a.m.•23 views

CVE-2023-37189

A stored cross site scripting (XSS) vulnerability in index.php?menu=billing_rates of Issabel PBX version 4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Name or Prefix fields under the Create New Rate module.

4.8CVSS5AI score0.00522EPSS