In VoIPmonitor VoIPmonitor GUI version 24.55 a Cross Site Scripting (XSS) exists in the VoIPmonitor GUI that can be attacked via SIP resulting in Privilege escalation.