0.001 Low
EPSS
Percentile
21.7%
The attacker is able to disqualify any Lead with a Cross-Site Request Forgery (CSRF) attack.
There are no workarounds that address this vulnerability.
github.com/oroinc/crm
github.com/oroinc/crm/security/advisories/GHSA-vf7h-6246-hm43
nvd.nist.gov/vuln/detail/CVE-2021-39198