CVE-2018-14396
Creme CRM 1.6.12 is affected by 10 stored cross-site scripting vulnerabilities on the salesman creation page, exploitable via parameters including firstname, lastname, billing_address-address/zipcode/city/department, and shipping_address-address/zipcode/city/department. The root cause is the fail...