CVE-2014-10009
Multiple cross-site scripting XSS vulnerabilities in Stark CRM 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 firstname, 2 lastname, or 3 notes parameter to the client page; 4 insuname or 5 price parameter to the addinsurancecat page; or 6 status parameter to the...