Vulnerabilities > Fusionpbx > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-17 | CVE-2019-11408 | Cross-site Scripting vulnerability in Fusionpbx 4.4.3 XSS in app/operator_panel/index_inc.php in the Operator Panel module in FusionPBX 4.4.3 allows remote unauthenticated attackers to inject arbitrary JavaScript characters by placing a phone call using a specially crafted caller ID number. | 4.3 |
| 2019-06-17 | CVE-2019-11407 | Information Exposure vulnerability in Fusionpbx 4.4.3 app/operator_panel/index_inc.php in the Operator Panel module in FusionPBX 4.4.3 suffers from an information disclosure vulnerability due to excessive debug information, which allows authenticated administrative attackers to obtain credentials and other sensitive information. | 4.0 |