A vulnerability classified as problematic was found in Englesystem up to 3.4.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument DECT number/mobile number/work-log comment leads to cross site scripting.

This vulnerability is known as CVE-2023-50924. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.