Luis Daniel Lucio Quiroz

1 exploit Active since May 2021
CVE-2020-21054 WRITEUP MEDIUM WRITEUP
FusionPBX 4.5.7 - Cross-Site Scripting via Unsanitized 'f' Variable
Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via an unsanitized "f" variable in app\vars\vars_textarea.php.
CVSS 6.1