Vicidial : Security Vulnerabilities, CVEs, (XSS)
Reflected Cross Site Scripting (XSS) vulnerabilities in AST Agent Time Sheet interface (/vicidial/AST_agent_time_sheet.php) of VICIdial via agent, and search_archived_data parameters. This issue affects: VICIdial 2.14b0.5 versions prior to 3555.
Max CVSS
6.5
EPSS Score
0.07%
Published
2022-07-05
Updated
2022-07-13
Vicidial 2.14-783a was discovered to contain a cross-site scripting (XSS) vulnerability via the input tabs.
Max CVSS
5.4
EPSS Score
0.06%
Published
2022-02-15
Updated
2022-02-19
Cross Site Scripting vulnerability found in VICIdial v2.14-610c and v.2.10-415c allows attackers execute arbitrary code via the /agc/vicidial.php, agc/vicidial-greay.php, and /vicidial/KHOMP_admin.php parameters.
Max CVSS
6.1
EPSS Score
0.07%
Published
2023-03-06
Updated
2023-03-13
3 vulnerabilities found