Medium severity4.8NVD Advisory· Published Jan 19, 2024· Updated Jun 17, 2026
CVE-2024-23387
CVE-2024-23387
Description
FusionPBX prior to 5.1.0 contains a cross-site scripting vulnerability. If this vulnerability is exploited by a remote authenticated attacker with an administrative privilege, an arbitrary script may be executed on the web browser of the user who is logging in to the product.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- jvn.jp/en/jp/JVN67215338/nvdThird Party Advisory
- www.fusionpbx.comnvdProduct
News mentions
0No linked articles in our index yet.