| عنوان | fusionpbx.com fusionpbx 20250707 Reflective XSS |
|---|
| الوصف | Fusionpbx has a reflective XSS vulnerability。Reflective Cross-Site Scripting (XSS) is a serious web security vulnerability that allows attackers to inject malicious scripts into a website's response, which are immediately executed in the victim’s browser when they visit a crafted link. Unlike stored XSS, the payload isn’t saved on the server, but reflected back from parameters such as URL query strings or form inputs. Attackers can exploit this to steal cookies, hijack sessions, deface pages, or perform arbitrary actions on behalf of the user—often without their knowledge. This poses significant risks to both users and website owners, undermining trust and potentially leading to data breaches or account compromise.
For details of vulnerabilities, please refer to:https://github.com/William-xin/CVEs/issues/5 |
|---|
| المصدر | ⚠️ https://github.com/William-xin/CVEs/issues/5 |
|---|
| المستخدم | Starwung (UID 72280) |
|---|
| ارسال | 07/07/2025 09:16 AM (11 أشهر منذ) |
|---|
| الاعتدال | 14/07/2025 09:32 AM (7 days later) |
|---|
| الحالة | مكرر |
|---|
| إدخال VulDB | 203088 [FusionPBX 4.5.26 resources/login.php path البرمجة عبر المواقع] |
|---|
| النقاط | 0 |
|---|