sahiloj/CVE-2023-37189

Releases0

Stars1

CVE-2023-37189 | Issabel PBX v.4.0.0-6 | Stored XSS in the billing feature.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-37189 ↗	Jul 11, 2023Tuesday, 11 July 2023, 02:15	4.8 MEDIUM	—
A stored cross site scripting (XSS) vulnerability in index.php?menu=billing_rates of Issabel PBX version 4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Name or Prefix fields under the Create New Rate module.