dotCMS version 5.1.1 suffers from cross site scripting and various other vulnerabilities due to various open source dependencies.
807354717454bcddf23878f723cf0673fbb451acfadadb8aeb6ae4f5faa523c1
Gentoo Linux Security Advisory 201006-20 - Multiple vulnerabilities in Asterisk might allow remote attackers to cause a Denial of Service condition, or conduct other attacks. Versions less than 1.2.37 are affected.
c4933913b3f7de08c2c9cdd1eaa67457d52f479496c2830a647cc345b7604953
Debian Linux Security Advisory 1952-1 - Several vulnerabilities have been discovered in asterisk, an Open Source PBX and telephony toolkit.
faf28e0f95aa626b6c760797521d9fa403127fec95339438e518b3884089b3b6
Asterisk Project Security Advisory - Asterisk includes a demonstration AJAX based manager interface, ajamdemo.html which uses the prototype.js framework. An issue was uncovered in this framework which could allow someone to execute a cross-site AJAX request exploit.
e86a0ecb6a897bcb9f1220e85d46af735a82bc2ef2a6208e6cc14a3c6f4996dd