CVE-2023-33758 | SpliceCom Maximiser Soft PBX up to 1.5 Login CLIENT_NAME/DEVICE_GUID cross site scripting

Posted by Angelo Barbosa | Jan 25, 2024 | CVE

A vulnerability classified as problematic was found in SpliceCom Maximiser Soft PBX up to 1.5. This vulnerability affects unknown code of the component Login. The manipulation of the argument CLIENT_NAME/DEVICE_GUID leads to cross site scripting.

This vulnerability was named CVE-2023-33758. The attack can be initiated remotely. There is no exploit available.

CVE-2023-33758 | SpliceCom Maximiser Soft PBX up to 1.5 Login CLIENT_NAME/DEVICE_GUID cross site scripting

Related Posts

CVE-2024-3915 | Swift Framework Plugin up to 2.7.31 on WordPress Content Page authorization

CVE-2024-41290 | FlatPress CMS 1.3/1.3.1 improper authentication

CVE-2024-7416 | Reveal Template Plugin up to 3.7 on WordPress information disclosure

CVE-2024-6359 | OpenText ArcSight Intelligence up to 6.4.12 privileges management