Vulnerabilities

CVE-2021-43403

by Fred · 05/11/2021

An issue was discovered in FusionPBX before 4.5.30. The log_viewer.php Log View page allows an authenticated user to choose an arbitrary filename for download (i.e., not necessarily freeswitch.log in the intended directory).

Date published : 2021-11-05

https://github.com/fusionpbx/fusionpbx/commit/57b7bf0d6b67bda07d550b07d984a44755510d9c

Similar

Tags: Cybersecurity Alert