First published: Sun Jul 25 2021(Updated: )
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the extension name (stored).
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Nchsoftware Axon Pbx | <=2.22 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2021-37453.
The title of this vulnerability is 'Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the extension name (stored)'.
The severity level of CVE-2021-37453 is medium (5.4).
The vulnerability affects NCH Axon PBX version 2.22 and earlier via the extension name (stored), allowing for Cross Site Scripting (XSS) attacks.
There is currently no available fix for this vulnerability. It is recommended to apply security patches or updates from the software vendor.