3 matches found
CVE-2022-40361
Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint...
CVE-2022-40361
Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint...
CVE-2022-40361
Elite CRM v1.2.11 is affected by a Cross-Site Scripting (XSS) vulnerability that allows an attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint. The root cause is insufficient input handling for the language parameter. Impact per sources is limited to confident...