CVE-2024-28722 | Innovaphone PBX 12r2/13r3/14r1 /CMD0/xml_modes.xml Query cross site scripting
A vulnerability was found in Innovaphone PBX 12r2/13r3/14r1 and classified as problematic. Affected is an unknown function of the file /CMD0/xml_modes.xml. The manipulation of the argument Query results in cross site scripting.
This vulnerability was named CVE-2024-28722. The attack may be performed from remote. There is no available exploit.
It is suggested to upgrade the affected component.