DayByDay CRM is an open source CRM (Customer Relationship Management) software developed based on Laravel that helps users track customers, tasks, meetings, etc. An information disclosure vulnerability exists in DayByDay CRM. The vulnerability stems from the product’s update feature that does not do effective validation of password strength, and an attacker can create extremely low strength passwords through this vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
DayByDay CRM DayByDay CRM >=1.1, | le | 2.2.0 |