Vulnerabilities > Vicidial > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-06 | CVE-2021-35377 | Cross-site Scripting vulnerability in Vicidial Cross Site Scripting vulnerability found in VICIdial v2.14-610c and v.2.10-415c allows attackers execute arbitrary code via the /agc/vicidial.php, agc/vicidial-greay.php, and /vicidial/KHOMP_admin.php parameters. | 6.1 |
| 2022-07-05 | CVE-2022-34879 | Cross-site Scripting vulnerability in Vicidial 2.14B0.5 Reflected Cross Site Scripting (XSS) vulnerabilities in AST Agent Time Sheet interface (/vicidial/AST_agent_time_sheet.php) of VICIdial via agent, and search_archived_data parameters. | 6.1 |
| 2022-02-15 | CVE-2021-46557 | Cross-site Scripting vulnerability in Vicidial 2.14783A Vicidial 2.14-783a was discovered to contain a cross-site scripting (XSS) vulnerability via the input tabs. | 5.4 |