Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
issabelPBX version 2.11 is affected by a Cross Site Scripting (XSS) vulnerability. In file page.backup_restore.php, the exit function will terminate the script and print the message to the user. The message will contain $_REQUEST without sanitization, then there is a XSS vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IssabelPbx 跨站脚本漏洞
Vulnerability Description
IssabelPbx是Issabel基金会的一个开源 Gui(图形用户界面)。用于控制和管理 Asterisk (Pbx)。 issabelPBX 存在跨站脚本漏洞,该漏洞源于在文件 page.backup_restore.php 中,退出函数将终止脚本并将消息打印给用户。 该消息将包含未经清理的 $_REQUEST,则存在 XSS 漏洞。
CVSS Information
N/A
Vulnerability Type
N/A