YetiForceCrm 跨站脚本漏洞

YetiForceCrm is an open source Crm system from the Polish company YetiForce. A cross-site scripting vulnerability exists in versions of YetiForceCrm prior to 6.4.0, which stems from the undefined and unvalidated workflowModel-summary parameter on the Workflow module in Settings and is used direct...

YetiForceCrm 跨站脚本漏洞

YetiForceCrm is an open source Crm system from the Polish company YetiForce. A cross-site scripting vulnerability exists in YetiForceCrm versions prior to 6.4.0, which stems from an unvalidated title parameter on the LayoutEditor module in Settings and is used directly in LayoutEditor/EditField.t...

YetiForceCrm 跨站脚本漏洞

YetiForceCrm is an open source Crm system from the Polish company YetiForce. A cross-site scripting vulnerability exists in YetiForceCrm versions prior to 6.4.0, which stems from an unvalidated recordModel-name parameter of type "Text" in the SlaPolicy module in Settings and is used directly in...

YetiForceCrm 跨站脚本漏洞

YetiForceCrm is an open source Crm system from the Polish company YetiForce. A cross-site scripting vulnerability exists in YetiForceCrm versions prior to 6.4.0. An attacker could exploit this vulnerability to conduct cross-site scripting attacks...

YetiForceCrm 代码问题漏洞

YetiForceCrm is an open source Crm system from the Polish company YetiForce. A security vulnerability exists in YetiForceCrm versions prior to 6.4.0, which stems from a problematic unreconstructed file upload in the application. An attacker could send a malicious file to the victim and use the...

YetiForceCrm 跨站脚本漏洞

YetiForceCrm is an open source Crm system from the Polish company YetiForce. Yetiforcecrm suffers from a cross-site scripting vulnerability that originates from the susceptibility to incorrect input during web page generation...