CVE-2019-14548
EspoCRM before version 5.6.9 is affected by a stored XSS vulnerability in the body of an Article. The issue can be triggered when victims open articles received via mail; an attacker can form the Article using the Knowledge Base feature and inject malicious JavaScript, potentially stealing cookie...