Information Disclosure Vulnerability in FusionPBX Operator Panel Module

Information Disclosure Vulnerability in FusionPBX Operator Panel Module

CVE-2019-11407 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

app/operator_panel/index_inc.php in the Operator Panel module in FusionPBX 4.4.3 suffers from an information disclosure vulnerability due to excessive debug information, which allows authenticated administrative attackers to obtain credentials and other sensitive information.

Learn more about our Web Application Penetration Testing UK.