CVE-2026-9585
Received Received - Intake

Reflected XSS in Sangoma Switchvox SMB Edition

Vulnerability report for CVE-2026-9585, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-17

Last updated on: 2026-07-17

Assigner: Security Risk Advisors

Description

An unauthenticated reflected cross-site scripting (XSS) vulnerability exists in Sangoma Switchvox SMB Edition version 8.3 (104997). The application fails to properly sanitize the portal parameter supplied to the invalid_browser and invalid_browser_login handlers.Β User-supplied data is reflected into JavaScript generated by the application, allowing attacker-controlled script execution within a victim's browser.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-17
Last Modified
2026-07-17
Generated
2026-07-17
AI Q&A
2026-07-17
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 3 associated CPEs
Vendor Product Version / Range
sangoma switchvox to 8.4.0.2 (exc)
sangoma switchvox From 8.4.0.2 (inc)
sangoma switchvox_smb_edition 8.3

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-9585 is an unauthenticated reflected cross-site scripting (XSS) vulnerability in Sangoma Switchvox SMB Edition version 8.3 (104997). The application fails to properly sanitize the portal parameter in the invalid_browser and invalid_browser_login handlers, allowing attacker-controlled scripts to execute in a victim's browser.

Detection Guidance

To detect this vulnerability, inspect web traffic for requests to the Switchvox web portal with the portal parameter containing unsanitized user input. Look for responses reflecting this input in JavaScript contexts. Use tools like Burp Suite or OWASP ZAP to intercept and analyze HTTP requests to the invalid_browser and invalid_browser_login handlers.

Impact Analysis

This vulnerability allows attackers to inject malicious scripts into web pages viewed by users. This could lead to unauthorized actions, data theft, or session hijacking if a victim interacts with the compromised page.

Compliance Impact

This vulnerability could lead to unauthorized access to sensitive data, which may violate GDPR's data protection requirements and HIPAA's safeguards for protected health information. The reflected XSS flaw allows attackers to execute malicious scripts in a victim's browser, potentially enabling data theft or unauthorized actions that compromise compliance with these regulations.

Mitigation Strategies

Immediately update Sangoma Switchvox SMB Edition to version 8.4.0.2 or later to patch the vulnerability. If immediate updating is not possible, restrict access to the Switchvox web portal via network controls until the update is applied.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-9585. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart