FusionPBX prior to 5.1.0 contains a cross-site scripting vulnerability. If this vulnerability is exploited by a remote authenticated attacker with an administrative privilege, an arbitrary script may be executed on the web browser of the user who is logging in to the product.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jpcert
Published: 2024-01-19T03:47:57.987Z
Updated: 2024-08-01T23:06:24.192Z
Reserved: 2024-01-16T04:56:18.204Z
Link: CVE-2024-23387
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2024-01-19T04:15:09.987
Modified: 2024-01-25T02:00:29.210
Link: CVE-2024-23387
Redhat
No data.