CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

RedhatCVE•added 2025/05/23 5:2 a.m.•7 views

CVE-2023-27150

openCRX 5.2.0 was discovered to contain a cross-site scripting XSS vulnerability via the Name field after creation of a Tracker in Manage Activity...

5.4CVSS6.1AI score0.00397EPSS

Exploits1References1

Prion•added 2024/02/29 1:38 a.m.•15 views

Design/Logic Flaw

openCRX 5.2.0 was discovered to contain an HTML injection vulnerability for Search Criteria-Activity Number in the Saved Search Activity via the Name, Description, or Activity Number field...

7.9AI score0.00454EPSS

Exploits1References2

NVD•added 2023/12/26 4:15 a.m.•25 views

CVE-2023-27150

openCRX 5.2.0 was discovered to contain a cross-site scripting XSS vulnerability via the Name field after creation of a Tracker in Manage Activity...

5.4CVSS0.00397EPSS

Exploits1References2

Prion•added 2023/12/26 4:15 a.m.•12 views

Cross site scripting

openCRX 5.2.0 was discovered to contain a cross-site scripting XSS vulnerability via the Name field after creation of a Tracker in Manage Activity...

4.9CVSS6.3AI score0.00397EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2023/12/26 12:0 a.m.•9 views

CVE-2023-27150

openCRX 5.2.0 was discovered to contain a cross-site scripting XSS vulnerability via the Name field after creation of a Tracker in Manage Activity...

6.1AI score0.00397EPSS

Exploits1References2

Positive Technologies•added 2023/12/25 12:0 a.m.•4 views

PT-2023-20976 · Opencrx · Opencrx

Name of the Vulnerable Software and Affected Versions: openCRX version 5.2.0 Description: A cross-site scripting XSS issue was discovered in openCRX, which occurs via the Name field after creating a Tracker in Manage Activity. This allows for potential malicious script execution. Recommendations:...

5.4CVSS5.2AI score0.00397EPSS

Exploits1References10

Vulnrichment•added 2023/12/25 12:0 a.m.•15 views

CVE-2023-27151

openCRX 5.2.0 was discovered to contain an HTML injection vulnerability for Search Criteria-Activity Number in the Saved Search Activity via the Name, Description, or Activity Number field...

7.5AI score0.00454EPSS

Exploits1References2

NVD•added 2023/11/18 4:15 a.m.•11 views

CVE-2023-40815

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Category Creation Name Field...

6.1CVSS0.00463EPSS

Exploits1References1

NVD•added 2023/11/18 4:15 a.m.•11 views

CVE-2023-40817

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Product Configuration Name Field...

6.1CVSS0.00463EPSS

Exploits1References1

Prion•added 2023/11/18 4:15 a.m.•8 views

Input validation

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Accounts Name Field...

5.8CVSS7.2AI score0.00463EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2023/11/18 12:0 a.m.•11 views

CVE-2023-40810

OpenCRX version 5.2.0 is vulnerable to HTML injection via Product Name Field...

6.9AI score0.00463EPSS

Exploits1References1

CNNVD•added 2023/11/18 12:0 a.m.•2 views

OpenCRX Security Vulnerabilities

openCRX is an open source Crm software. A security vulnerability exists in OpenCRX version 5.2.0, which originated from a vulnerability that allows attackers to conduct HTML injection attacks via the component Activity Search Criteria-Activity Number...

6.1CVSS7AI score0.00463EPSS

Exploits1References2