CVE-2017-15039
Zurmo 3.2.1.57987acc3018 is affected by an XSS vulnerability: an attacker can use a data: URL in the redirectUrl parameter to app/index.php/meetings/default/createMeeting to execute malicious JavaScript in the user’s browser. This is documented across multiple sources (e.g., CNVD-2017-36345, NVD ...