4 matches found
CVE-2020-21088
Cross Site Scripting XSS in X2engine X2CRM v7.1 and older allows remote attackers to obtain sensitive information by injecting arbitrary web script or HTML via the "First Name" and "Last Name" fields in "/index.php/contacts/create page"...
CVE-2020-21088
Cross Site Scripting XSS in X2engine X2CRM v7.1 and older allows remote attackers to obtain sensitive information by injecting arbitrary web script or HTML via the "First Name" and "Last Name" fields in "/index.php/contacts/create page"...
CVE-2020-21088
X2engine/X2CRM 7.1 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that allows remote attackers to obtain sensitive information by injecting arbitrary script/HTML through the First Name and Last Name fields on the /index.php/contacts/create page. Root cause is untrusted inp...
CVE-2020-21088
Cross Site Scripting XSS in X2engine X2CRM v7.1 and older allows remote attackers to obtain sensitive information by injecting arbitrary web script or HTML via the "First Name" and "Last Name" fields in "/index.php/contacts/create page"...