Just a heads up in case there isn’t already a dev ticket for this, but Lighthouse tagged some JS (XSS) vulnerabilities in the default jQuery, Bootstrap scripts for main FreePBX admin portal:
Library Version | Vulnerability Count | Highest Severity |
---|---|---|
[email protected] | 5 | Medium |
[email protected] | 3 | Medium |
jQuery [email protected] | 3 | High |
The jQuery UI one is pretty old (8 years) so just wanted to comment on it in case it’s not on the radar.