Freepbx - Freepbx CVE

Filtered by vendor Freepbx Subscribe

Filtered by product Freepbx

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-15891	2 Freepbx, Sangoma	2 Freepbx, Freepbx	2019-12-10	3.5 LOW	4.8 MEDIUM
An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name.

Vulnerabilities (CVE)