3cx: >> 3cx >> 20.0.0.1466 Security Vulnerabilities
The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a first name, search string, or email address.
CVSS Score
9.8
EPSS Score
0.005
Published
2023-12-25
3CX System through 2022-03-17 stores cleartext passwords in a database.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-03-28