3 matches found
CVE-2020-10227
A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...
CVE-2020-10227
A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...
CVE-2020-10227
CVE-2020-10227 describes a cross-site scripting (XSS) vulnerability in the messages module of vtecrm vtenext 19 CE, where an attacker can inject arbitrary JavaScript via the From field of an email. Affected component: vtenext/vtecrm 19 CE, Messages module. Root cause: input handling in the email ...