CVE-2015-5365
CVE-2015-5365 : Zurmo CRM 3.0.2 contains a cross-site scripting (XSS) vulnerability exploitable by remote authenticated users via the "What’s going on?" profile field. The underlying issue is improper input handling in that field, allowing injection of arbitrary web script/HTML. The connected rec...