CVE-2014-7987

2014-10-31T14:55:00
ID CVE-2014-7987
Type cve
Reporter cve@mitre.org
Modified 2018-10-09T19:53:00

Description

Cross-site scripting (XSS) vulnerability in EspoCRM before 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the desc parameter in an errors action to install/index.php.