CVE-2019-19384

Published November 29th, 2019

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

A cross-site scripting (XSS) vulnerability in app/fax/fax_log_view.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the fax_uuid parameter.

fusionpbx/fusionpbx

Official FusionPBX - A full-featured domain based multi-tenant PBX and voice switch for FreeSwitch.

GitHub

1.01K