Nch - Axon Pbx CVE

Filtered by vendor Nch Subscribe

Filtered by product Axon Pbx

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-37440	1 Nch	1 Axon Pbx	2021-08-05	4.0 MEDIUM	6.5 MEDIUM
NCH Axon PBX v2.22 and earlier allows path traversal for file disclosure via the logprop?file=/.. substring.
CVE-2018-11552	1 Nch	1 Axon Pbx	2018-07-03	4.3 MEDIUM	6.1 MEDIUM
There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON->Auto-Dialer->Agents->Name" field. The vulnerability exists due to insufficient filtration of user-supplied data. A remote attacker can execute arbitrary HTML and script code in a browser in the context of the vulnerable application.

Vulnerabilities (CVE)