12 matches found
EUVD-2026-13130
OPEXUS eComplaint and eCASE before 10.2.0.0 do not correctly sanitize the contents of the "Name of Organization" field when filling out case information. An authenticated attacker can inject an XSS payload which is executed in the context of a victim's session when they visit the case information...
CVE-2026-32869 OPEXUS eComplaint and eCASE XSS via Name of Organization field
OPEXUS eComplaint and eCASE before 10.2.0.0 do not correctly sanitize the contents of the "Name of Organization" field when filling out case information. An authenticated attacker can inject an XSS payload which is executed in the context of a victim's session when they visit the case information...
OPEXUS eComplaint和OPEXUS eCASE 安全漏洞
OPEXUS eComplaint and OPEXUS eCASE are products of the American company OPEXUS. OPEXUS eComplaint is a complaint and appeal management platform. OPEXUS eCASE is an case management system. There were security vulnerabilities in versions of OPEXUS eComplaint and OPEXUS eCASE before 10.2.0.0. These...
PT-2026-26311
OPEXUS eComplaint and eCASE before 10.2.0.0 do not correctly sanitize the contents of the "Name of Organization" field when filling out case information. An authenticated attacker can inject an XSS payload which is executed in the context of a victim's session when they visit the case information...
CVE-2024-45932
Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting XSS via the organization name field in /admin/contacts/organizations/edit/2...
GHSA-74Q2-6JP4-3RQQ Krayin CRM vulnerable to Cross Site Scripting (XSS) via the organization name
Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting XSS via the organization name field in /admin/contacts/organizations/edit/2...
Cross-site Scripting (XSS)
Overview krayin/laravel-crm is a hand tailored CRM framework built on some of the hottest opensource technologies such as Laravel a PHP framework and Vue.js a progressive Javascript framework. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the organization name...
CVE-2024-45932
Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting XSS via the organization name field in /admin/contacts/organizations/edit/2...
CVE-2024-45932
Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting XSS via the organization name field in /admin/contacts/organizations/edit/2...
CVE-2024-45932
Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting XSS via the organization name field in /admin/contacts/organizations/edit/2...
CVE-2024-25602
Stored cross-site scripting XSS vulnerability in Users Admin module's edit user page in Liferay Portal 7.2.0 through 7.4.2, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 17, and older unsupported versions allows remote authenticated users to inject...
CVE-2017-8041
In Single Sign-On for Pivotal Cloud Foundry PCF 1.3.x versions prior to 1.3.4 and 1.4.x versions prior to 1.4.3, a user can execute a XSS attack on certain Single Sign-On service UI pages by inputting code in the text field for an organization name...