CVE-2021-37459

CVE-2021-37459

EPSS 0.6%

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the customer name field (stored).

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/0xfml/poc/blob/main/NCH/Axon_2.22_XSS.md https://www.nch.com.au/pbx/index.html