Vulnerabilities related to freepbx - contactmanager
Vulnerability from fkie_nvd
Published: 2019-10-21 19:15
Modified: 2024-11-21 04:31
Severity: Medium (CVSS v3.1 base score 6.1, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N; CVSS v2 base score 4.3, vector AV:N/AC:M/Au:N/C:N/I:P/A:N); weakness CWE-79
Summary
An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3. In the Contactmanager class (html\admin\modules\contactmanager\Contactmanager.class.php), an unsanitized group variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS. It can be requested via a GET request to /admin/ajax.php?module=contactmanager.
References
Source | URL | Tags
---|---|---
cve@mitre.org | https://github.com/FreePBX/contactmanager/commit/99e5aa0050224289cfe64c9036f38ce2531bf633 | Patch, Third Party Advisory
cve@mitre.org | https://issues.freepbx.org/browse/FREEPBX-20437 | Vendor Advisory
cve@mitre.org | https://resp3ctblog.wordpress.com/2019/10/19/freepbx-xss-1/ | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreePBX/contactmanager/commit/99e5aa0050224289cfe64c9036f38ce2531bf633 | Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://issues.freepbx.org/browse/FREEPBX-20437 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://resp3ctblog.wordpress.com/2019/10/19/freepbx-xss-1/ | Patch, Vendor Advisory
Impacted products
Vendor | Product | Version (from CPE match criteria) | Update
---|---|---|---
freepbx | contactmanager | from 13.0.2 up to (excluding) 13.0.45.3 | any
freepbx | contactmanager | from 14.0.1.1 up to (excluding) 14.0.5.12 | any
freepbx | contactmanager | from 15.0.2 up to (excluding) 15.0.8.21 | any
freepbx | contactmanager | 13.0.0 | beta1
freepbx | contactmanager | 13.0.0 | beta2
freepbx | contactmanager | 13.0.0 | beta3
freepbx | contactmanager | 13.0.0 | beta4
freepbx | contactmanager | 13.0.0 | beta5
freepbx | contactmanager | 14.0.1 | - (release)
freepbx | contactmanager | 14.0.1 | alpha1
freepbx | contactmanager | 14.0.1 | alpha2
freepbx | contactmanager | 14.0.1 | beta1
freepbx | contactmanager | 14.0.1 | beta2
freepbx | contactmanager | 14.0.1 | beta3
sangoma | freepbx | 14.0.10.3 | any
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freepbx:contactmanager:*:*:*:*:*:freepbx:*:*", matchCriteriaId: "59979723-3B4E-45EA-BD04-E25E9A8BACEE", versionEndExcluding: "13.0.45.3", versionStartIncluding: "13.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:freepbx:contactmanager:*:*:*:*:*:freepbx:*:*", matchCriteriaId: "B7EF4F25-9015-499C-8265-4119AA15CA44", versionEndExcluding: "14.0.5.12", versionStartIncluding: "14.0.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:freepbx:contactmanager:*:*:*:*:*:freepbx:*:*", matchCriteriaId: "FE24C29C-53AE-4746-B742-15A5A7E8B57A", versionEndExcluding: "15.0.8.21", versionStartIncluding: "15.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:freepbx:contactmanager:13.0.0:beta1:*:*:*:freepbx:*:*", matchCriteriaId: "458222C4-7AF6-4D74-98E3-CC0C308B6085", vulnerable: true, }, { criteria: "cpe:2.3:a:freepbx:contactmanager:13.0.0:beta2:*:*:*:freepbx:*:*", matchCriteriaId: "8968630F-6F4F-47FF-AD3E-6AC121597791", vulnerable: true, }, { criteria: "cpe:2.3:a:freepbx:contactmanager:13.0.0:beta3:*:*:*:freepbx:*:*", matchCriteriaId: "E087BBAD-8491-4E67-B6FF-3481D9746463", vulnerable: true, }, { criteria: "cpe:2.3:a:freepbx:contactmanager:13.0.0:beta4:*:*:*:freepbx:*:*", matchCriteriaId: "E82BD63A-259A-4F71-B5B6-DC8BA24412E9", vulnerable: true, }, { criteria: "cpe:2.3:a:freepbx:contactmanager:13.0.0:beta5:*:*:*:freepbx:*:*", matchCriteriaId: "B844666B-D752-4018-A795-42223B50E7CE", vulnerable: true, }, { criteria: "cpe:2.3:a:freepbx:contactmanager:14.0.1:-:*:*:*:freepbx:*:*", matchCriteriaId: "2FDA6DD1-E454-4B35-8B3A-F9897C709A24", vulnerable: true, }, { criteria: "cpe:2.3:a:freepbx:contactmanager:14.0.1:alpha1:*:*:*:freepbx:*:*", matchCriteriaId: "29E6AFB9-B604-418F-9521-5827F1483D76", vulnerable: true, }, { criteria: "cpe:2.3:a:freepbx:contactmanager:14.0.1:alpha2:*:*:*:freepbx:*:*", matchCriteriaId: "8B0541CE-673E-4DE8-8319-61EA95756BFB", vulnerable: true, }, { criteria: 
"cpe:2.3:a:freepbx:contactmanager:14.0.1:beta1:*:*:*:freepbx:*:*", matchCriteriaId: "697B337D-3DD3-484D-8AAF-11596EE5A05B", vulnerable: true, }, { criteria: "cpe:2.3:a:freepbx:contactmanager:14.0.1:beta2:*:*:*:freepbx:*:*", matchCriteriaId: "18ABD7D8-B6E9-4877-883B-B8932FC9D5ED", vulnerable: true, }, { criteria: "cpe:2.3:a:freepbx:contactmanager:14.0.1:beta3:*:*:*:freepbx:*:*", matchCriteriaId: "FA5D2378-F16E-485C-85EC-46F26A01A475", vulnerable: true, }, { criteria: "cpe:2.3:a:sangoma:freepbx:14.0.10.3:*:*:*:*:*:*:*", matchCriteriaId: "CE03D797-BB0A-4820-922B-53B35B546259", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3. In the Contactmanager class (html\\admin\\modules\\contactmanager\\Contactmanager.class.php), an unsanitized group variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS. It can be requested via a GET request to /admin/ajax.php?module=contactmanager.", }, { lang: "es", value: "Se detectó un problema en Contactmanager versiones 13.x anteriores a 13.0.45.3, versiones 14.x anteriores a 14.0.5.12 y versiones 15.x anteriores a 15.0.8.21 para FreePBX versión 14.0.10.3. En la clase Contactmanager (archivo html\\admin\\modules\\contactmanager\\Contactmanager.class.php), una variable group no saneada que proviene de la URL es reflejada en HTML en 2 ocasiones, conllevando a una vulnerabilidad de tipo XSS. 
Que puede ser solicitada mediante una petición GET en /admin/ajax.php?module=contactmanager.", }, ], id: "CVE-2019-16966", lastModified: "2024-11-21T04:31:26.170", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-21T19:15:11.030", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/FreePBX/contactmanager/commit/99e5aa0050224289cfe64c9036f38ce2531bf633", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://issues.freepbx.org/browse/FREEPBX-20437", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://resp3ctblog.wordpress.com/2019/10/19/freepbx-xss-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/FreePBX/contactmanager/commit/99e5aa0050224289cfe64c9036f38ce2531bf633", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://issues.freepbx.org/browse/FREEPBX-20437", }, { source: 
"af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://resp3ctblog.wordpress.com/2019/10/19/freepbx-xss-1/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
CVE-2019-16966
Vulnerability from cvelistv5
Published: 2019-10-21 18:57
Modified: 2024-08-05 01:24
Severity: none given in this CVE record (the CNA container carries no CVSS metrics)
Summary
An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3. In the Contactmanager class (html\admin\modules\contactmanager\Contactmanager.class.php), an unsanitized group variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS. It can be requested via a GET request to /admin/ajax.php?module=contactmanager.
References
URL | Tags
---|---
https://issues.freepbx.org/browse/FREEPBX-20437 | x_refsource_MISC
https://github.com/FreePBX/contactmanager/commit/99e5aa0050224289cfe64c9036f38ce2531bf633 | x_refsource_MISC
https://resp3ctblog.wordpress.com/2019/10/19/freepbx-xss-1/ | x_refsource_MISC
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:24:48.665Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://issues.freepbx.org/browse/FREEPBX-20437", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/FreePBX/contactmanager/commit/99e5aa0050224289cfe64c9036f38ce2531bf633", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://resp3ctblog.wordpress.com/2019/10/19/freepbx-xss-1/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3. In the Contactmanager class (html\\admin\\modules\\contactmanager\\Contactmanager.class.php), an unsanitized group variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS. 
It can be requested via a GET request to /admin/ajax.php?module=contactmanager.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-21T18:57:44", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://issues.freepbx.org/browse/FREEPBX-20437", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/FreePBX/contactmanager/commit/99e5aa0050224289cfe64c9036f38ce2531bf633", }, { tags: [ "x_refsource_MISC", ], url: "https://resp3ctblog.wordpress.com/2019/10/19/freepbx-xss-1/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-16966", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3. In the Contactmanager class (html\\admin\\modules\\contactmanager\\Contactmanager.class.php), an unsanitized group variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS. 
It can be requested via a GET request to /admin/ajax.php?module=contactmanager.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://issues.freepbx.org/browse/FREEPBX-20437", refsource: "MISC", url: "https://issues.freepbx.org/browse/FREEPBX-20437", }, { name: "https://github.com/FreePBX/contactmanager/commit/99e5aa0050224289cfe64c9036f38ce2531bf633", refsource: "MISC", url: "https://github.com/FreePBX/contactmanager/commit/99e5aa0050224289cfe64c9036f38ce2531bf633", }, { name: "https://resp3ctblog.wordpress.com/2019/10/19/freepbx-xss-1/", refsource: "MISC", url: "https://resp3ctblog.wordpress.com/2019/10/19/freepbx-xss-1/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-16966", datePublished: "2019-10-21T18:57:44", dateReserved: "2019-09-29T00:00:00", dateUpdated: "2024-08-05T01:24:48.665Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }