Vulnerabilities > Fusionpbx > Fusionpbx > 4.4.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-19 | CVE-2024-23387 | Cross-site Scripting vulnerability in Fusionpbx FusionPBX prior to 5.1.0 contains a cross-site scripting vulnerability. | 4.8 |
2022-09-29 | CVE-2021-43403 | Unspecified vulnerability in Fusionpbx An issue was discovered in FusionPBX before 4.5.30. | 6.5 |
2022-07-01 | CVE-2021-37524 | Cross-site Scripting vulnerability in Fusionpbx Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.26 allows remote unauthenticated users to inject arbitrary web script or HTML via an unsanitized "path" parameter in resources/login.php. | 4.3 |
2021-11-05 | CVE-2021-43404 | Unspecified vulnerability in Fusionpbx An issue was discovered in FusionPBX before 4.5.30. | 8.8 |
2021-11-05 | CVE-2021-43405 | Unspecified vulnerability in Fusionpbx An issue was discovered in FusionPBX before 4.5.30. | 8.8 |
2021-11-05 | CVE-2021-43406 | Improper Input Validation vulnerability in Fusionpbx An issue was discovered in FusionPBX before 4.5.30. | 6.5 |
2019-11-29 | CVE-2019-19388 | Cross-site Scripting vulnerability in Fusionpbx 4.4.1 A cross-site scripting (XSS) vulnerability in app/dialplans/dialplan_detail_edit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the dialplan_uuid parameter. | 4.3 |
2019-11-29 | CVE-2019-19387 | Cross-site Scripting vulnerability in Fusionpbx 4.4.1 A cross-site scripting (XSS) vulnerability in app/fifo_list/fifo_interactive.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the c parameter. | 4.3 |
2019-11-29 | CVE-2019-19386 | Cross-site Scripting vulnerability in Fusionpbx 4.4.1 A cross-site scripting (XSS) vulnerability in app/voicemail_greetings/voicemail_greeting_edit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the id and/or voicemail_id parameter. | 4.3 |
2019-11-29 | CVE-2019-19385 | Cross-site Scripting vulnerability in Fusionpbx 4.4.1 A cross-site scripting (XSS) vulnerability in app/dialplans/dialplans.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the app_uuid parameter. | 4.3 |