VYPR
Medium severity4.8NVD Advisory· Published Jan 19, 2024· Updated Jun 17, 2026

CVE-2024-23387

CVE-2024-23387

Description

FusionPBX prior to 5.1.0 contains a cross-site scripting vulnerability. If this vulnerability is exploited by a remote authenticated attacker with an administrative privilege, an arbitrary script may be executed on the web browser of the user who is logging in to the product.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • FusionPBX/FusionPBXllm-fuzzy2 versions
    <5.1.0+ 1 more
    • (no CPE)range: <5.1.0
    • (no CPE)range: prior to 5.1.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.