Just a heads up that a few different FreePBX modules had security issues which were disclosed to us. Two were SQL injection type vulnerabilities in the CDR and CEL modules and one was a potential XSS problem with the logfiles module.
You can read more details about the impact of the vulnerabilities at:
As per usual, we have marked them as security fixes on the mirror servers so for those of you that have automatic downloads of security updates, you should be getting them soon.
Special thanks goes to the reporter for patiently working with us as we were attempting to replicate the problem and develop fixes.