CVE-2012-6608

Name of the Vulnerable Software and Affected Versions Elastix version 2.3.0

Description The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the Page parameter in the xmlservices/E book.php file.

Recommendations For Elastix version 2.3.0, consider restricting access to the xmlservices/E book.php file until a patch is available. As a temporary workaround, avoid using the Page parameter in the affected file to minimize the risk of exploitation.