CVE-2021-4283 – FreeBPX voicemail Settings ssettings.php cross site scripting
https://notcve.org/view.php?id=CVE-2021-4283
A vulnerability was found in FreeBPX voicemail. It has been rated as problematic. Affected by this issue is some unknown functionality of the file views/ssettings.php of the component Settings Handler. The manipulation of the argument key leads to cross site scripting. The attack may be launched remotely. • https://github.com/FreePBX/voicemail/commit/ffce4882016076acd16fe0f676246905aa3cb2f3 https://github.com/FreePBX/voicemail/releases/tag/release%2F14.0.6.25 https://vuldb.com/?ctiid.216872 https://vuldb.com/?id.216872 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-4282 – FreePBX voicemail page.voicemail.php cross site scripting
https://notcve.org/view.php?id=CVE-2021-4282
A vulnerability was found in FreePBX voicemail. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file page.voicemail.php. The manipulation leads to cross site scripting. The attack can be launched remotely. • https://github.com/FreePBX/voicemail/commit/12e1469ef9208eda9d8955206e78345949236ee6 https://github.com/FreePBX/voicemail/releases/tag/release%2F14.0.6.25 https://vuldb.com/?ctiid.216871 https://vuldb.com/?id.216871 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •