0.001 Low
EPSS
Percentile
48.5%
Cross Site Scripting (XSS) in X2Engine X2CRM v7.1 allows remote attackers to obtain sensitive information by injecting arbitrary web script or HTML via the βCommentβ field in β/profile/activityβ page.
github.com/X2Engine/X2CRM/issues/183