3cx: >> 3cx Web Server Security Vulnerabilities
The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on the api/CallLog TimeZoneName parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-08-03
The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on all stack traces' propertyPath parameters.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-08-03
The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of improper error handling in Stack traces, as demonstrated by discovering a full pathname.
CVSS Score
5.3
EPSS Score
0.002
Published
2018-08-03