PT-2022-11698 · Freepbx · Freepbx
Kguptasangom · Published 2022-12-27 · Updated 2024-05-17 · CVE-2021-4282
CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
FreePBX versions prior to 14.0.6.25
Description
A vulnerability was found in FreePBX voicemail, affecting an unknown functionality of the file page.voicemail.php. The manipulation leads to cross-site scripting. The attack can be launched remotely.
Recommendations
For versions prior to 14.0.6.25, upgrade to version 14.0.6.25 to address this issue. As a temporary workaround, consider restricting access to the page.voicemail.php file until the upgrade is applied.
Fix
XSS
Affected Products
Freepbx