CVE-2018-11552

There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON->Auto-Dialer->Agents->Name" field. The vulnerability exists due to insufficient filtration of user-supplied data. A remote attacker can execute arbitrary HTML and script code in a browser in the context of the vulnerable application.
References
Link Resource
http://seclists.org/fulldisclosure/2018/May/70 Exploit Mailing List
Configurations

Configuration 1

cpe:2.3:a:nch:axon_pbx:2.02:*:*:*:*:*:*:*

Information

Published : 2018-06-01 05:29

Updated : 2018-07-03 02:50


NVD link : CVE-2018-11552

Mitre link : CVE-2018-11552

Products Affected
No products.
CWE