First published: Fri Aug 03 2018(Updated: )
The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on the api/CallLog TimeZoneName parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
3cx 3cx Web Server | =15.5.8801.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2018-14905.
The severity level of CVE-2018-14905 is medium.
The 3CX version 15.5.8801.3 is affected by CVE-2018-14905.
CVE-2018-14905 is a Reflected XSS vulnerability.
You can find more information about CVE-2018-14905 on the following link: https://medium.com/stolabs/security-issues-on-3cx-web-service-d9dc7f1bea79