Every CVE whose affected-product data names Issabel Pbx, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2023-37596 — CVSS 8.1 (high): Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via a…
CVE-2023-37597 — CVSS 8.1 (high): Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the…
CVE-2023-37599 — CVSS 7.5 (high): An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory
CVE-2023-34839 — CVSS 6.8 (medium): A Cross Site Request Forgery (CSRF) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows a remote attacker to gain privileges via a Custom…
CVE-2021-43695 — CVSS 6.1 (medium): issabelPBX version 2.11 is affected by a Cross Site Scripting (XSS) vulnerability. In file page.backup_restore.php, the exit function will…
CVE-2021-46558 — CVSS 5.4 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the Add User module of Issabel PBX 20200102 allows attackers to execute arbitrary…
CVE-2021-34190 — CVSS 4.8 (medium): A stored cross site scripting (XSS) vulnerability in index.php?menu=billing_rates of Issabel PBX version 4 allows attackers to execute…
CVE-2023-37189 — CVSS 4.8 (medium): A stored cross site scripting (XSS) vulnerability in index.php?menu=billing_rates of Issabel PBX version 4 allows attackers to execute…
CVE-2023-37190 — CVSS 4.8 (medium): A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or…
CVE-2023-37191 — CVSS 4.8 (medium): A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or…
CVE-2024-0986 — CVSS 4.7 (medium): A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file…
CVE-2023-37598 — CVSS 4.5 (medium): A Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the…