In FusionPBX up to v4.5.7, the file resources\paging.php has a paging function (called by several pages of the interface), which uses an unsanitized "param" variable constructed partially from the URL args and reflected in HTML, leading to XSS.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-10-21T15:20:03
Updated: 2024-08-05T01:24:48.582Z
Reserved: 2019-09-29T00:00:00
Link: CVE-2019-16983
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-10-21T16:15:17.913
Modified: 2023-02-03T21:36:10.140
Link: CVE-2019-16983
Redhat
No data.