CVE-2019-16968
21.10.2019, 20:15
An issue was discovered in FusionPBX up to 4.5.7. In the file app\conference_controls\conference_control_details.php, an unsanitized id variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS.
Vendor | Product | Version |
---|---|---|
fusionpbx | fusionpbx | 𝑥 ≤ 4.5.7 |
𝑥
= Vulnerable software versions
References