Vulnerabilities > Nchsoftware

DATE CVE VULNERABILITY TITLE RISK
2021-07-25 CVE-2021-37453 Cross-site Scripting vulnerability in Nchsoftware Axon PBX
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the extension name (stored).
network
low complexity
nchsoftware CWE-79
5.4
2021-07-25 CVE-2021-37454 Cross-site Scripting vulnerability in Nchsoftware Axon PBX
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the line name (stored).
network
low complexity
nchsoftware CWE-79
5.4
2021-07-25 CVE-2021-37455 Cross-site Scripting vulnerability in Nchsoftware Axon PBX
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan (stored).
network
low complexity
nchsoftware CWE-79
5.4
2021-07-25 CVE-2021-37456 Cross-site Scripting vulnerability in Nchsoftware Axon PBX
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the blacklist IP address (stored).
network
low complexity
nchsoftware CWE-79
5.4
2021-07-25 CVE-2021-37457 Cross-site Scripting vulnerability in Nchsoftware Axon PBX
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the SipRule field (stored).
network
low complexity
nchsoftware CWE-79
5.4
2021-07-25 CVE-2021-37458 Cross-site Scripting vulnerability in Nchsoftware Axon PBX
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the primary phone field (stored).
network
low complexity
nchsoftware CWE-79
5.4
2021-07-25 CVE-2021-37459 Cross-site Scripting vulnerability in Nchsoftware Axon PBX
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the customer name field (stored).
network
low complexity
nchsoftware CWE-79
5.4
2021-07-25 CVE-2021-37460 Cross-site Scripting vulnerability in Nchsoftware Axon PBX
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /planprop?id= (reflected).
network
low complexity
nchsoftware CWE-79
5.4
2021-07-25 CVE-2021-37461 Cross-site Scripting vulnerability in Nchsoftware Axon PBX
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /extensionsinstruction?id= (reflected).
network
low complexity
nchsoftware CWE-79
5.4
2021-07-25 CVE-2021-37462 Cross-site Scripting vulnerability in Nchsoftware Axon PBX
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /ipblacklist?errorip= (reflected).
network
low complexity
nchsoftware CWE-79
5.4