CVE-2019-19851
16.03.2020, 16:15
An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Debug/Test page of the Superfecta module at the admin/config.php?display=superfecta URI. This affects Superfecta through 13.0.4.7, 14.x through 14.0.24, and 15.x through 15.0.2.20.
Vendor | Product | Version |
---|---|---|
sangoma | freepbx | 𝑥 ≤ 13.0.4.7 |
sangoma | freepbx | 14.0.0.0 ≤ 𝑥 ≤ 14.0.24 |
sangoma | freepbx | 15.0.0.0 ≤ 𝑥 ≤ 15.0.2.20 |
𝑥
= Vulnerable software versions
References