DayByDay CRM is an open source CRM (Customer Relationship Management) software developed based on Laravel that helps users track customers, tasks, meetings, etc. A cross-site scripting vulnerability exists in DayByDay CRM. The vulnerability stems from the fact that the title field of a new task in the product does not do a valid validation of the user input data. An attacker could trigger the vulnerability by tricking the user into opening the task page to view all tasks resulting in client-side code execution.
CPE | Name | Operator | Version |
---|---|---|---|
daybyday crm daybyday crm | eq | 2.2.0 |