CVE-2019-16983

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-16983

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-16983.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-16983

Published

2019-10-21T16:15:17.913Z

Modified

2025-11-19T17:34:05.631873Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

In FusionPBX up to v4.5.7, the file resources\paging.php has a paging function (called by several pages of the interface), which uses an unsanitized "param" variable constructed partially from the URL args and reflected in HTML, leading to XSS.

References

Affected packages

Git / github.com/fusionpbx/fusionpbx

Affected ranges

Type: GIT
Repo: https://github.com/fusionpbx/fusionpbx
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

23581e56e9a4d1685ddf1c7d67137417d654e134

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-16983.json"