Vulnerabilities > Sangoma > Freepbx > 15.0.16.27
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-02 | CVE-2023-43336 | Unspecified vulnerability in Sangoma Freepbx Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to contain an access control issue via a modified parameter value, e.g., changing extension=self to extension=101. | 8.8 |
| 2019-12-06 | CVE-2019-19552 | Cross-site Scripting vulnerability in Sangoma Freepbx 13.0/13.0.0.0/13.0.1 In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the user management screen of the Administrator web site, i.e., the/admin/config.php?display=userman URI. | 3.5 |
| 2019-12-06 | CVE-2019-19551 | Cross-site Scripting vulnerability in Sangoma Freepbx 13.0/13.0.0.0/13.0.1 In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the User Management screen of the Administrator web site. | 3.5 |