CVE-2019-14549
EspoCRM prior to v5.6.9 is affected by a stored XSS vulnerability in the title and breadcrumb of newly created entities, potentially stealing cookies when a public link is visited. The underlying issue allows injection of JavaScript by a malicious user into those fields. A fix is available in the...