Vulnerabilities > Issabel > PBX

DATE CVE VULNERABILITY TITLE RISK
2021-11-29 CVE-2021-43695 Cross-site Scripting vulnerability in Issabel PBX 2.11
issabelPBX version 2.11 is affected by a Cross Site Scripting (XSS) vulnerability.
network
issabel CWE-79
4.3
4.3
2021-07-06 CVE-2021-34190 Cross-site Scripting vulnerability in Issabel PBX 4
A stored cross site scripting (XSS) vulnerability in index.php?menu=billing_rates of Issabel PBX version 4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Name" or "Prefix" fields under the "Create New Rate" module.
network
issabel CWE-79
3.5
3.5