← Back to CVE List
CVE-2024-28722
Cross Site Scripting vulnerability in Innovaphone myPBX v.14r1, v.13r3, v.12r2 allows a remote attacker to execute arbitrary code via the query parameter to the /CMD0/xml_modes.xml endpoint
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt