Source: National Vulnerability Database

Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.26 allows remote unauthenticated users to inject arbitrary web script or HTML via an unsanitized "path" parameter in resources/login.php.

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-37524

84 hits since 2022-07-06

PHP Vulns Source Ratio: 17% (7102 total, 597 propagated, 3551 filtered)