Kguptasangom

**Name of the Vulnerable Software and Affected Versions** FreePBX versions prior to 14.0.6.25 **Description** A vulnerability was found in FreePBX voicemail, affecting an unknown functionality of the file page.voicemail.php. The manipulation leads to cross site scripting. The attack can be launched remotely. **Recommendations** For versions prior to 14.0.6.25, upgrade to version 14.0.6.25 to address this issue. As a temporary workaround, consider restricting access to the page.voicemail.php file until the upgrade is applied.