Summary
FreePBX is prone to an information-disclosure vulnerability that may expose administrator's credentials.
Successful exploits will allow unauthenticated attackers to obtain sensitive information that may aid in further attacks.
Solution
Report indicates that this issue has been fixed. Please contact the vendor for more information.
References
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Open For Business HTML injection vulnerability
- A Really Simple Chat Multiple XSS Vulnerabilities
- Apache Struts2 'XWork' Information Disclosure Vulnerability
- 11in1 Cross Site Request Forgery and Local File Include Vulnerabilities
- Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability