Lucene search
PRIOn knowledge basePRION:CVE-2018-15891HistoryJun 20, 2019 - 5:15 p.m.
Design/Logic Flaw
2019-06-2017:15:00
PRIOn knowledge base
www.prio-n.com
5
An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name.
| CPE | Name | Operator | Version |
|---|---|---|---|
| freepbx | eq | 15.0.1 | |
| freepbx | lt | 13.0.122.43 | |
| freepbx | ge | 14.0.0 | |
| freepbx | lt | 14.0.18.34 | |
| freepbx | eq | 15.0.1 beta4 | |
| freepbx | ge | 15.0.0 | |
| freepbx | le | 15.0.1 |
Related
cve
cve
CVE-2018-15891
2019-06-20 17:15:09
openvas
openvas
FreePBX < 13.0.122.43, < 14.0.18.34 XSS Vulnerability
2019-07-11 00:00:00
osv
osv
CVE-2018-15891
2019-06-20 17:15:09
cvelist
cvelist
CVE-2018-15891
2019-06-20 16:35:57
nvd
nvd
CVE-2018-15891
2019-06-20 17:15:09