3 matches found
CVE-2022-1340
Cross-site Scripting XSS - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0...
CVE-2022-1340 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm
Cross-site Scripting XSS - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0...
CVE-2022-1340
CVE-2022-1340 is a cross-site scripting (XSS) vulnerability in the YetiForce CRM project, present in versions prior to 6.4.0. The issue stems from improper input validation / output encoding in the repository yetiforcecrm, allowing stored XSS via uploaded content or payloads in documents. Impact ...