XSS in Sangoma Switchvox Smb Edition
CVE-2026-9585
An unauthenticated reflected cross-site scripting (XSS) vulnerability exists in Sangoma Switchvox SMB Edition version 8.3 (104997). The application fails to properly sanitize the portal parameter supplied to the invalid_browser and invalid…
Vulnerability class: XSS (Cross-Site Scripting)
Affected products
- Sangoma Switchvox Smb Edition — versions 8.3 (104997)
Weakness classification (CWE)
References
- 57dba5dd-1a03-47f6-8b36-e84e47d335d8 (release-notes)
- 57dba5dd-1a03-47f6-8b36-e84e47d335d8 (third-party-advisory)