Vulnerability in Bsd
CVE-2007-2191
Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are…
EPSS: 0.045 (90.2th percentile) — read the EPSS interpretation.
Affected products
- Bsd
- Freepbx — versions 2.2.1, 2.2_rc1
- Hp Hp-ux
- Hp Tru64
- Ibm Aix
- Linux Linux_kernel
- Santa_cruz_operation Sco_unix
- Sun Solaris
- N/a — versions n/a
References
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (mailing-list, Exploit, x_refsource_FULLDISC)
- cve@mitre.org (x_refsource_SREASON, third-party-advisory)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)