2020-01-09 Multiple XSS vulnerabilities in Backup & Restore Module

SEC-2020-003

CVE ID: CVE-2019-19615

Overview:

Multiple XSS vulnerabilities have been discovered in the ‘Backup & Restore’ module for FreePBX 14.


Discovered By:
Respect

Impact:

CVSS v3.1 Details:

  • CVSS Base Score: 2.0

  • Impact Subscore: 1.4

  • Exploitability Subscore: 0.5

  • CVSS Temporal Score: 1.8

  • CVSS Environmental Score: 1.6

  • Modified Impact Subscore: 0.7

  • Overall CVSS Score: 1.6

CVSS v3.1 Vector: AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C/CR:L/IR:L/AR:L/MAV:N/MAC:L/MPR:H/MUI:R/MS:U/MC:N/MI:L/MA:N

Vulnerable software and versions:

The versions listed below (and earlier):

  • backup v14.0.10.2 through v14.0.10.7

Fixed in the following versions:

  • >= backup v14.0.10.10

Related Information

Official Bug ticket: https://issues.freepbx.org/browse/FREEPBX-20551

Further Details:

Multiple reflected XSS vulnerabilities exist in the Backup & Restore screen of the FreePBX Administrator web site, for example /admin/config.php?display=backup. The id parameter of the backup configuration screen is reflected into the page without adequate output encoding, so an attacker can craft a link whose id value carries a JavaScript payload. When another user (such as an admin) opens the link while logged in, the payload renders and executes in the context of the victim user's session. Note that the vector (PR:H, UI:R) reflects that the victim must hold a privileged FreePBX login and be induced to follow the link.
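A practitioner reading this advisory will usually want two things: a way to sweep existing web server logs for attempts against the id parameter on the backup screen, and a reminder of what the output-encoding fix pattern looks like. The following is an added example and is not FreePBX project code or the module's actual patch. Only the path /admin/config.php, the display=backup screen and the id parameter are taken from the advisory; the Apache combined-format log lines are constructed for the example, and the regular expressions and thresholds are assumptions.

```python
"""Hunt access logs for attempts against the Backup & Restore ``id``
parameter described in SEC-2020-003 (CVE-2019-19615).

Added example, not FreePBX project code. The log lines below are
constructed (Apache combined format); the request path and
``display=backup`` come from the advisory, everything else is assumed.
"""
import re
from html import escape
from urllib.parse import parse_qs, unquote, urlsplit

# Apache "combined" log format; only the request target is needed here.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# Characters that let a reflected value break out of HTML or attribute context.
HTML_META = re.compile(r'[<>"\']')
# Common script-injection hints, in case the value is otherwise quiet.
SCRIPT_HINTS = re.compile(r'(?i)(<script|javascript:|on[a-z]+\s*=)')


def is_backup_request(target):
    """True when the request targets the Backup & Restore screen."""
    parts = urlsplit(target)
    if parts.path != '/admin/config.php':
        return False
    qs = parse_qs(parts.query, keep_blank_values=True)
    return qs.get('display', [''])[0] == 'backup'


def suspicious_id_values(target):
    """Return decoded ``id`` values that carry HTML metacharacters."""
    qs = parse_qs(urlsplit(target).query, keep_blank_values=True)
    hits = []
    for raw in qs.get('id', []):
        # parse_qs has already decoded once; decode a second time so a
        # double-encoded payload (%2522 -> %22 -> ") is still caught.
        value = unquote(raw)
        if HTML_META.search(value) or SCRIPT_HINTS.search(value):
            hits.append(value)
    return hits


def scan_access_log(lines):
    """Return one finding per request that hits display=backup with a bad id."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        target = m.group('target')
        if not is_backup_request(target):
            continue
        hits = suspicious_id_values(target)
        if hits:
            findings.append({
                'ip': m.group('ip'),
                'ts': m.group('ts'),
                'status': int(m.group('status')),
                'id_values': hits,
            })
    return findings


def render_id_safely(value):
    """The fix pattern: HTML-encode a user-controlled value before reflecting
    it into markup, including quotes so attribute context is covered too."""
    return escape(value, quote=True)


# Constructed sample: a normal request, a classic reflected payload, a hit on
# a different screen (ignored), and a double-encoded attribute-context payload.
SAMPLE_LOG = [
    '203.0.113.7 - - [09/Jan/2020:10:15:01 +0000] "GET /admin/config.php?display=backup&id=12 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [09/Jan/2020:10:15:42 +0000] "GET /admin/config.php?display=backup&id=12%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E HTTP/1.1" 200 5203',
    '198.51.100.4 - - [09/Jan/2020:10:16:03 +0000] "GET /admin/config.php?display=extensions&id=%3Cb%3E HTTP/1.1" 200 4410',
    '203.0.113.7 - - [09/Jan/2020:10:17:19 +0000] "GET /admin/config.php?display=backup&id=%2522%2520onmouseover%253Dalert(1) HTTP/1.1" 200 5190',
]

if __name__ == '__main__':
    for finding in scan_access_log(SAMPLE_LOG):
        print(finding)
    print(render_id_safely('12"><script>alert(1)</script>'))
```

Run against a real Apache or httpd access log by passing the file's lines to scan_access_log; a 200 status on a flagged request means the page rendered the payload to whoever followed the link, so the next question is which logged-in user's session that was. The fourth sample line is there to show why a second decode matters: the first decode leaves only percent sequences, which no metacharacter check would catch.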

The Sangoma and FreePBX team has deemed this a major security issue. We strongly encourage all users of FreePBX 14 to upgrade to the latest version of the backup module (v14.0.10.10 or later). This can be done from the Module Admin GUI or with fwconsole, for example `fwconsole ma upgrade backup`. For more information on using Module Admin, please see https://sangomakb.atlassian.net/wiki/spaces/PG/pages/20023939/Module+Admin+User+Guide .

Sangoma takes security seriously and requests that any future FreePBX security issue be reported at security@freepbx.org.
