Security Advisory

CVE-2023-0480

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-04-04 00:00:00

Last updated 2025-02-13 16:17:43

Assigner Fluid Attacks

State PUBLISHED

Description

VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance administrators account. This is possible because the application is vulnerable to CSRF.

← Browse all CVEs View on cve.org ↗