Vulnerabilities > NCH > Axon Virtual PBX > 2.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-11-20 | CVE-2009-4038 | Cross-Site Scripting vulnerability in NCH Axon Virtual PBX 2.10/2.11 Multiple cross-site scripting (XSS) vulnerabilities in NCH Software Axon Virtual PBX 2.10 and 2.11 allow remote attackers to inject arbitrary web script or HTML via the (1) onok or (2) oncancel parameter to the logon program. | 4.3 |