An issue was discovered in Manager 13.x before 13.0.2.6 and 15.x before 15.0.6 before FreePBX 14.0.10.3. In the Manager module form (html\admin\modules\manager\views\form.php), an unsanitized managerdisplay variable coming from the URL is reflected in HTML, leading to reflected XSS. The affected page is reachable via a GET request to /config.php?type=tool&display=manager.
References
| Link | Resource |
|---|---|
| https://github.com/FreePBX/manager/commit/071a50983ca6a373bb2d1d3db68e9eda4667a372 | Patch, Third Party Advisory |
| https://issues.freepbx.org/browse/FREEPBX-20436 | Exploit, Vendor Advisory |
| https://resp3ctblog.wordpress.com/2019/10/19/freepbx-xss-2/ | Patch, Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-10-21T19:10:13
Updated: 2019-10-21T19:10:13
Reserved: 2019-09-29T00:00:00
Link: CVE-2019-16967
NVD Information
Status : Analyzed
Published: 2019-10-21T20:15:10.883
Modified: 2019-12-10T17:08:11.423
Link: CVE-2019-16967
Redhat Information
No data.
CWE