CVE-2018-17302
CVE-2018-17302 corresponds to a stored XSS in EspoCRM 5.3.6. The vulnerability is in views/fields/wysiwyg.js and is exploitable via the URL fragment /#Email/view (saved draft message). The available sources consistently describe a stored XSS condition affecting EspoCRM 5.3.6; no further details o...