CVE-2019-16983 Information

Description

In FusionPBX up to v4.5.7 the file resources\paging.php has a paging function (called by several pages of the interface) which uses an unsanitized \param\ variable constructed partially from the URL args and reflected in HTML leading to XSS.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Reference

https://github.com/fusionpbx/fusionpbx/commit/23581e56e9a4d1685ddf1c7d67137417d654e134 https://resp3ctblog.wordpress.com/2019/10/19/fusionpbx-xss-15/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

6.1