Vulnerabilities > 3CX > 3CX WEB Server > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-03 | CVE-2018-14907 | Information Exposure Through an Error Message vulnerability in 3CX web Server 15.5.8801.3 The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of improper error handling in Stack traces, as demonstrated by discovering a full pathname. | 5.3 |
2018-08-03 | CVE-2018-14906 | Cross-site Scripting vulnerability in 3CX web Server 15.5.8801.3 The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on all stack traces' propertyPath parameters. | 6.1 |
2018-08-03 | CVE-2018-14905 | Cross-site Scripting vulnerability in 3CX web Server 15.5.8801.3 The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on the api/CallLog TimeZoneName parameter. | 6.1 |