Skip to main content

Sangoma Switchvox CVE-2026-9588

HIGH
Cross-site Scripting (XSS) (CWE-79)
2026-07-17 SRA
7.0
CVSS 4.0 · Vendor: SRA
Share

Severity by source

Vendor (SRA) PRIMARY
7.0 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.4 MEDIUM

Authenticated user injects stored payload (PR:L) that runs in another user's browser (UI:R, scope change S:C), yielding limited session-level confidentiality and integrity impact.

3.1 AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

Primary rating from Vendor (SRA).

CVSS VectorVendor: SRA

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
P
Scope
X

Lifecycle Timeline

2
Analysis Generated
Jul 17, 2026 - 16:47 vuln.today
CVE Published
Jul 17, 2026 - 15:59 cve.org
HIGH 7.0

DescriptionCVE.org

A stored cross-site scripting (XSS) vulnerability exists in Sangoma Switchvox SMB Edition 8.3 (104997) within the voicemail notification template functionality. The submit_modify_voicemail_template endpoint fails to properly sanitize HTML content supplied by authenticated users, allowing malicious JavaScript supplied through the template_text parameter to be stored server-side and subsequently rendered to other users.

AnalysisAI

Stored cross-site scripting in Sangoma Switchvox SMB Edition 8.3 (build 104997) lets an authenticated user inject persistent JavaScript through the voicemail notification template feature, which then executes in the browsers of other users who view the affected template. The payload is submitted via the template_text parameter to the submit_modify_voicemail_template endpoint, which fails to sanitize HTML. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to Switchvox web UI
Delivery
Submit script via template_text to submit_modify_voicemail_template
Exploit
Payload stored in voicemail template
Execution
Victim views template, script executes
Impact
Hijack session / alter PBX config

Vulnerability AssessmentAI

Exploitation Exploitation requires an authenticated Switchvox SMB Edition account with permission to create or modify voicemail notification templates (PR:L), and the injected payload only fires when a second user views the affected template (UI:P), so a victim interaction is mandatory. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The vendor CVSS 4.0 score is 7.0 (High) with vector AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An authenticated Switchvox user with access to the voicemail template feature submits a template_text value containing a malicious <script> payload to submit_modify_voicemail_template, which is stored on the appliance. When an administrator or another user subsequently opens or previews that voicemail notification template, the script executes in their session, allowing session hijacking or configuration changes in the PBX web interface. …
Remediation Vendor-released patch: upgrade Switchvox SMB Edition to version 8.4.0.2 or later, per the July 14, 2026 release notes (https://sangomakb.atlassian.net/wiki/spaces/Switchvox/pages/1802371073/Switchvox+-+Release+Notes+Version+8.4.0.2+July+14+2026). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, inventory all Sangoma Switchvox SMB Edition 8.3 (build 104997) installations and immediately restrict administrative access to the voicemail template modification feature; audit existing templates and user access logs for suspicious modifications. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-9588 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy