← Back to CVE List
CVE-2023-0480
VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance administrator's account. This is possible because the application is vulnerable to CSRF.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt