6.1793

DATE	CVE	VULNERABILITY TITLE	RISK
2009-08-03	CVE-2008-6894	Cross-Site Scripting vulnerability in 3CX Phone System 6.0.806.0/6.1793 Multiple cross-site scripting (XSS) vulnerabilities in login.php in 3CX Phone System Free Edition 6.1793 and 6.0.806.0 allow remote attackers to inject arbitrary web script or HTML via the (1) fName and (2) fPassword parameters. network 3cx CWE-79	4.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.