NotCVE - vendor:"Vicidial" product:"Vicidial" version:"2.14-597c"

2 results (0.014 seconds)

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-35377

https://notcve.org/view.php?id=CVE-2021-35377

06 Mar 2023 — Cross Site Scripting vulnerability found in VICIdial v2.14-610c and v.2.10-415c allows attackers execute arbitrary code via the /agc/vicidial.php, agc/vicidial-greay.php, and /vicidial/KHOMP_admin.php parameters. • http://vicidial.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

CVE-2021-46557

https://notcve.org/view.php?id=CVE-2021-46557

15 Feb 2022 — Vicidial 2.14-783a was discovered to contain a cross-site scripting (XSS) vulnerability via the input tabs. Se ha detectado que Vicidial versión 2.14-783a contiene una vulnerabilidad de tipo cross-site scripting (XSS) por medio de las pestañas de entrada • https://github.com/Zeyad-Azima/Vicidial-stored-XSS • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •