| 제목 | fusionpbx.com fusionpbx 20250707 Reflective XSS |
|---|
| 설명 | Fusionpbx has a reflective XSS vulnerability。Reflective Cross-Site Scripting (XSS) is a serious web security vulnerability that allows attackers to inject malicious scripts into a website's response, which are immediately executed in the victim’s browser when they visit a crafted link. Unlike stored XSS, the payload isn’t saved on the server, but reflected back from parameters such as URL query strings or form inputs. Attackers can exploit this to steal cookies, hijack sessions, deface pages, or perform arbitrary actions on behalf of the user—often without their knowledge. This poses significant risks to both users and website owners, undermining trust and potentially leading to data breaches or account compromise.
For details of vulnerabilities, please refer to:https://github.com/William-xin/CVEs/issues/5 |
|---|
| 원천 | ⚠️ https://github.com/William-xin/CVEs/issues/5 |
|---|
| 사용자 | Starwung (UID 72280) |
|---|
| 제출 | 2025. 07. 07. AM 09:16 (11 개월 ago) |
|---|
| 모더레이션 | 2025. 07. 14. AM 09:32 (7 days later) |
|---|
| 상태 | 중복 |
|---|
| VulDB 항목 | 203088 [FusionPBX 4.5.26 resources/login.php path 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 0 |
|---|