2 matches found
CVE-2022-47073
A cross-site scripting XSS vulnerability in the Create Ticket page of Small CRM v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject parameter...
CVE-2022-47073
CVE-2022-47073 describes a cross-site scripting (XSS) vulnerability in Small CRM v3.0, specifically on the Create Ticket page where a crafted payload injected into the Subject parameter can execute arbitrary web scripts/HTML. The issue arises from improper handling of the Subject input, enabling ...