An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Call Event Logging report screen in the cel module at the admin/config.php?display=cel URI via date fields. This affects cel up to and including 13.0.26.9, 14.x up to and including 14.0.2.14, and 15.x up to and including 15.0.15.4.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sangoma freepbx |