First published: Fri Aug 03 2018(Updated: )
The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on all stack traces' propertyPath parameters.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
3cx 3cx Web Server | =15.5.8801.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2018-14906.
The severity of CVE-2018-14906 is medium, with a severity value of 6.1.
Version 15.5.8801.3 of 3CX Web Server is affected by CVE-2018-14906.
CVE-2018-14906 allows for Reflected XSS attacks on the propertyPath parameters in stack traces, potentially leading to unauthorized access or malicious actions.
The vendor, 3CX, should release a patch or update to address this vulnerability. Please check their official website or support channels for the latest information on fixes.