CVE-2019-19387

Published
View on NVD ↗
CVSS v3
6.1
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT

Description

A cross-site scripting (XSS) vulnerability in app/fifo_list/fifo_interactive.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the c parameter.

fusionpbx/fusionpbx
fusionpbx/fusionpbx
Official FusionPBX - A full-featured domain based multi-tenant PBX and voice switch for FreeSwitch.
GitHubGitHub
1.01K