CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-4283 – FreeBPX voicemail Settings ssettings.php cross site scripting
https://notcve.org/view.php?id=CVE-2021-4283
27 Dec 2022 — A vulnerability was found in FreeBPX voicemail. It has been rated as problematic. Affected by this issue is some unknown functionality of the file views/ssettings.php of the component Settings Handler. The manipulation of the argument key leads to cross site scripting. The attack may be launched remotely. • https://github.com/FreePBX/voicemail/commit/ffce4882016076acd16fe0f676246905aa3cb2f3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-4282 – FreePBX voicemail page.voicemail.php cross site scripting
https://notcve.org/view.php?id=CVE-2021-4282
27 Dec 2022 — A vulnerability was found in FreePBX voicemail. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file page.voicemail.php. The manipulation leads to cross site scripting. The attack can be launched remotely. • https://github.com/FreePBX/voicemail/commit/12e1469ef9208eda9d8955206e78345949236ee6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •