5 matches found
CVE-2025-55903
A HTML injection vulnerability exists in Perfex CRM v3.3.1. The application fails to sanitize user input in the "Bill To" address field within the estimate module. As a result, arbitrary HTML can be injected and rendered unescaped in client-facing documents...
EUVD-2025-33769
A HTML injection vulnerability exists in Perfex CRM v3.3.1. The application fails to sanitize user input in the "Bill To" address field within the estimate module. As a result, arbitrary HTML can be injected and rendered unescaped in client-facing documents...
CVE-2025-55903
A HTML injection vulnerability exists in Perfex CRM v3.3.1. The application fails to sanitize user input in the "Bill To" address field within the estimate module. As a result, arbitrary HTML can be injected and rendered unescaped in client-facing documents...
CVE-2025-55903
Summary: CVE-2025-55903 affects Perfex CRM v3.3.1 due to a failure to sanitize input in the “Bill To” address field of the estimate module, allowing HTML injection and unescaped rendering in client-facing documents. The issue is documented across multiple sources (NVD, Red Hat, EUVD, CNNVD, etc.)...
CVE-2025-55903
A HTML injection vulnerability exists in Perfex CRM v3.3.1. The application fails to sanitize user input in the "Bill To" address field within the estimate module. As a result, arbitrary HTML can be injected and rendered unescaped in client-facing documents...