Lucene search
China National Vulnerability DatabaseCNVD-2022-08153HistoryJan 26, 2022 - 12:00 a.m.
YetiForceCrm Cross-site Request Forgery Vulnerability (CNVD-2022-08153)
2022-01-2600:00:00
China National Vulnerability Database
www.cnvd.org.cn
3
0.001 Low
EPSS
Percentile
40.6%
YetiForceCrm is an open source Crm system from the Polish company YetiForce. YetiForceCrm version 6.3.0 previously contained a cross-site request forgery vulnerability, which stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| yetiforce yetiforcecrm | lt | 6.3.0 |
Related
cve
cve
CVE-2022-0269
2022-01-24 12:15:07
nvd
nvd
CVE-2022-0269
2022-01-24 12:15:07
veracode
veracode
Cross-Site Request Forgery (CSRF)
2022-01-25 05:41:14
github
github
Cross-Site Request Forgery in yetiforce
2022-01-27 16:21:33
osv
osv
Cross-Site Request Forgery in yetiforce
2022-01-27 16:21:33
CVE-2022-0269
2022-01-24 12:15:07
cvelist
cvelist
huntr
huntr
Cross-Site Request Forgery (CSRF) in yetiforcecompany/yetiforcecrm
2022-01-12 12:01:52
prion
prion
Cross site request forgery (csrf)
2022-01-24 12:15:00