Description: A stored cross site scripting (XSS) vulnerability in index.php?menu=billing_rates of Issabel PBX version 4.0.0-6 allows attackers to execute arbitrary code i.e JavaScripts or HTML code via a crafted payload entered into the Name or Prefix fields in the Create New Rate module.
Vulnerable Product Version: issabel-pbx 4.0.0-6
Date: 07/07/2023
CVE: CVE-2023-37189
CVE Author: Sahil Ojha
Vendor Homepage: https://www.issabel.org/
Software Link: https://github.com/IssabelFoundation/issabelPBX
Tested on: Windows
Steps to reproduce:
-
Go to issabel PBX application and login with admin credentials.
-
Navigate to to the “Reports --> Billing --> Rates” section, input the XSS payload in the categories Prefix and Name field as shown in the image below.
- Click on the save button and the payload will be executed. Whenever the webpage is visited by any user the script executes in the victim’s browser and retrieves session cookies of the victim.
