CVE-2019-16968
An issue was discovered in FusionPBX up to 4.5.7. In the file appconference_controlsconference_control_details.php, an unsanitized id variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS.
Date published : 2019-10-21
https://github.com/fusionpbx/fusionpbx/commit/02378c54722d89f875c66ddb00ff06468dabbc6d