CVE-2023-37190

Published
View on NVD ↗
CVSS v3
4.8
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Virtual Fax Name and Caller ID Name parameters under the New Virtual Fax feature.

sahiloj/CVE-2023-37190
sahiloj/CVE-2023-37190
CVE-2023-37190 | Issabel PBX v.4.0.0-6 | Stored XSS in "Virtual Fax Name" and "Caller ID Name" in the New Virtual Fax feature.
GitHubGitHub
1