7 matches found
CVE-2024-9030
A vulnerability classified as problematic was found in CodeCanyon CRMGo SaaS 7.2. This vulnerability affects unknown code of the file /deal/noteid/note. The manipulation of the argument notes leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to th...
CVE-2024-9031
A vulnerability, which was classified as problematic, has been found in CodeCanyon CRMGo SaaS up to 7.2. This issue affects some unknown processing of the file /project/task/taskid/show. The manipulation of the argument comment leads to cross site scripting. The attack may be initiated remotely...
CVE-2024-9030
A vulnerability classified as problematic was found in CodeCanyon CRMGo SaaS 7.2. This vulnerability affects unknown code of the file /deal/noteid/note. The manipulation of the argument notes leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to th...
CVE-2024-9031 CodeCanyon CRMGo SaaS show cross site scripting
A vulnerability, which was classified as problematic, has been found in CodeCanyon CRMGo SaaS up to 7.2. This issue affects some unknown processing of the file /project/task/taskid/show. The manipulation of the argument comment leads to cross site scripting. The attack may be initiated remotely...
CVE-2024-9031
CodeCanyon CRMGo SaaS (up to 7.2) has a cross-site scripting flaw in the /project/task/{task_id}/show endpoint triggered by the comment parameter. The issue may be exploited remotely and exploits have been disclosed publicly. Current remediation guidance in the connected docs is to disable access...
CVE-2024-9030 CodeCanyon CRMGo SaaS note cross site scripting
A vulnerability classified as problematic was found in CodeCanyon CRMGo SaaS 7.2. This vulnerability affects unknown code of the file /deal/noteid/note. The manipulation of the argument notes leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to th...
CVE-2024-9030
CVE-2024-9030 affects CodeCanyon CRMGo SaaS 7.2. The vulnerability is a cross-site scripting flaw in the notes parameter of the file /deal/{note_id}/note. It can be triggered remotely, and exploits have been disclosed publicly. Some sources list varying severity (up to medium) but all confirm XSS...