Unrated severityNVD Advisory· Published Mar 31, 2025· Updated Nov 28, 2025
Xorcom CompletePBX <= 5.2.35 Reflected Cross-Site Scripting
CVE-2025-30006
Description
Xorcom CompletePBX is vulnerable to a reflected cross-site scripting (XSS) in the administrative control panel.
This issue affects CompletePBX: all versions up to and prior to 5.2.35
Affected products
1- Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- vulncheck.com/advisories/completepbx-reflected-xssmitrethird-party-advisory
- www.xorcom.com/new-completepbx-release-5-2-36-1/mitrevendor-advisory
News mentions
0No linked articles in our index yet.