Lucene search
K

12 matches found

EUVD
EUVD
added 2026/03/19 6:31 p.m.9 views

EUVD-2026-13130

OPEXUS eComplaint and eCASE before 10.2.0.0 do not correctly sanitize the contents of the "Name of Organization" field when filling out case information. An authenticated attacker can inject an XSS payload which is executed in the context of a victim's session when they visit the case information...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/19 3:49 p.m.30 views

CVE-2026-32869 OPEXUS eComplaint and eCASE XSS via Name of Organization field

OPEXUS eComplaint and eCASE before 10.2.0.0 do not correctly sanitize the contents of the "Name of Organization" field when filling out case information. An authenticated attacker can inject an XSS payload which is executed in the context of a victim's session when they visit the case information...

5.5CVSS0.00141EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.11 views

OPEXUS eComplaint和OPEXUS eCASE 安全漏洞

OPEXUS eComplaint and OPEXUS eCASE are products of the American company OPEXUS. OPEXUS eComplaint is a complaint and appeal management platform. OPEXUS eCASE is an case management system. There were security vulnerabilities in versions of OPEXUS eComplaint and OPEXUS eCASE before 10.2.0.0. These...

5.5CVSS5.7AI score0.00141EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.5 views

PT-2026-26311

OPEXUS eComplaint and eCASE before 10.2.0.0 do not correctly sanitize the contents of the "Name of Organization" field when filling out case information. An authenticated attacker can inject an XSS payload which is executed in the context of a victim's session when they visit the case information...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 8:8 a.m.7 views

CVE-2024-45932

Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting XSS via the organization name field in /admin/contacts/organizations/edit/2...

7.1CVSS4.8AI score0.00386EPSS
Exploits1References1
OSV
OSV
added 2024/10/07 6:31 p.m.11 views

GHSA-74Q2-6JP4-3RQQ Krayin CRM vulnerable to Cross Site Scripting (XSS) via the organization name

Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting XSS via the organization name field in /admin/contacts/organizations/edit/2...

4.8CVSS4.8AI score0.00386EPSS
Exploits1References4
Snyk
Snyk
added 2024/10/07 6:31 p.m.4 views

Cross-site Scripting (XSS)

Overview krayin/laravel-crm is a hand tailored CRM framework built on some of the hottest opensource technologies such as Laravel a PHP framework and Vue.js a progressive Javascript framework. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the organization name...

7.1CVSS5.4AI score0.00386EPSS
Exploits1References2
NVD
NVD
added 2024/10/07 4:15 p.m.15 views

CVE-2024-45932

Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting XSS via the organization name field in /admin/contacts/organizations/edit/2...

7.1CVSS0.00386EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/10/07 12:0 a.m.17 views

CVE-2024-45932

Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting XSS via the organization name field in /admin/contacts/organizations/edit/2...

0.00386EPSS
Exploits1References1
OSV
OSV
added 2024/10/07 12:0 a.m.13 views

CVE-2024-45932

Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting XSS via the organization name field in /admin/contacts/organizations/edit/2...

7.1CVSS5.9AI score0.00386EPSS
Exploits1References3
OSV
OSV
added 2024/02/21 2:15 a.m.5 views

CVE-2024-25602

Stored cross-site scripting XSS vulnerability in Users Admin module's edit user page in Liferay Portal 7.2.0 through 7.4.2, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 17, and older unsupported versions allows remote authenticated users to inject...

5.4CVSS5.8AI score0.00614EPSS
Exploits0References1
OSV
OSV
added 2017/09/09 1:29 a.m.5 views

CVE-2017-8041

In Single Sign-On for Pivotal Cloud Foundry PCF 1.3.x versions prior to 1.3.4 and 1.4.x versions prior to 1.4.3, a user can execute a XSS attack on certain Single Sign-On service UI pages by inputting code in the text field for an organization name...

6.1CVSS5.9AI score0.00877EPSS
Exploits0References2
Rows per page
Query Builder