dotCMS version 5.1.1 suffers from cross site scripting and various other vulnerabilities due to various open source dependencies.
9e53ca2a35a92379f55b21ad389e087c
Gentoo Linux Security Advisory 201006-20 - Multiple vulnerabilities in Asterisk might allow remote attackers to cause a Denial of Service condition, or conduct other attacks. Versions less than 1.2.37 are affected.
d1120bc0d4faafa542fcf2397e50f540
Debian Linux Security Advisory 1952-1 - Several vulnerabilities have been discovered in asterisk, an Open Source PBX and telephony toolkit.
905e5c3863d4bfeacc6145c0bea47bae
Asterisk Project Security Advisory - Asterisk includes a demonstration AJAX based manager interface, ajamdemo.html which uses the prototype.js framework. An issue was uncovered in this framework which could allow someone to execute a cross-site AJAX request exploit.
243db55520978150b9f0e5bf94929f45