5.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
35.1%
Cross Site Scripting (XSS) vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted payload to the PersonView.php component.
churchcrm.io/
demo.churchcrm.io/master
github.com/0x72303074/CVE-Disclosures
github.com/ChurchCRM/CRM/wiki