DayByDay CRM is an open source CRM (Customer Relationship Management) software developed on Laravel that helps users track customers, tasks, meetings, etc. The DayByDay CRM information disclosure vulnerability stems from the product not adding a valid restriction on the permission to view all user appointment information. An attacker could exploit the vulnerability to view sensitive information through an account with low privileges.
CPE | Name | Operator | Version |
---|---|---|---|
DayByDay CRM DayByDay CRM >=2.0.0, | le | 2.2.0 |