| Название | fusionpbx.com fusionpbx 20250707 Reflective XSS |
|---|
| Описание | Fusionpbx has a reflective XSS vulnerability。Reflective Cross-Site Scripting (XSS) is a serious web security vulnerability that allows attackers to inject malicious scripts into a website's response, which are immediately executed in the victim’s browser when they visit a crafted link. Unlike stored XSS, the payload isn’t saved on the server, but reflected back from parameters such as URL query strings or form inputs. Attackers can exploit this to steal cookies, hijack sessions, deface pages, or perform arbitrary actions on behalf of the user—often without their knowledge. This poses significant risks to both users and website owners, undermining trust and potentially leading to data breaches or account compromise.
For details of vulnerabilities, please refer to:https://github.com/William-xin/CVEs/issues/5 |
|---|
| Источник | ⚠️ https://github.com/William-xin/CVEs/issues/5 |
|---|
| Пользователь | Starwung (UID 72280) |
|---|
| Представление | 07.07.2025 09:16 (11 месяцы назад) |
|---|
| Модерация | 14.07.2025 09:32 (7 days later) |
|---|
| Статус | Дубликат |
|---|
| Запись VulDB | 203088 [FusionPBX 4.5.26 resources/login.php path межсайтовый скриптинг] |
|---|
| Баллы | 0 |
|---|