Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:48 a.m.7 views

CVE-2022-40361

Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint...

6.1CVSS7.3AI score0.00385EPSS
Exploits0References1
CNVD
CNVD
added 2024/01/16 12:0 a.m.15 views

Elite CRM Cross-Site Scripting Vulnerability

Elite CRM is a customer relationship management system. A cross-site scripting vulnerability exists in Elite CRM v1.2.11, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary code via the langua...

6.1CVSS6.9AI score0.00385EPSS
Exploits0References1
NVD
NVD
added 2024/01/11 3:15 a.m.14 views

CVE-2022-40361

Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint...

6.1CVSS6.4AI score0.00385EPSS
Exploits0References2
OSV
OSV
added 2024/01/11 3:15 a.m.3 views

CVE-2022-40361

Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint...

6.1CVSS6.1AI score0.00385EPSS
Exploits0References2
Prion
Prion
added 2024/01/11 3:15 a.m.10 views

Cross site scripting

Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint...

5.8CVSS7.5AI score0.00385EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/01/11 12:0 a.m.17 views

CVE-2022-40361

Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint...

6.6AI score0.00385EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/01/11 12:0 a.m.10 views

CVE-2022-40361

Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint...

7.3AI score0.00385EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.4 views

Elite CRM 跨站脚本漏洞

Elite CRM is a customer relationship management system. A cross-site scripting vulnerability exists in Elite CRM v1.2.11, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary code via the langua...

6.1CVSS6.9AI score0.00385EPSS
Exploits0References3
CVE
CVE
added 2024/01/11 12:0 a.m.37 views

CVE-2022-40361

Elite CRM v1.2.11 is affected by a Cross-Site Scripting (XSS) vulnerability that allows an attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint. The root cause is insufficient input handling for the language parameter. Impact per sources is limited to confident...

6.1CVSS6.4AI score0.00385EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/11 12:0 a.m.7 views

PT-2024-11628 · Elite Crm · Elite Crm

Name of the Vulnerable Software and Affected Versions: Elite CRM version 1.2.11 Description: A Cross Site Scripting issue allows an attacker to execute arbitrary code via the language parameter to the "/ngs/login" endpoint. Recommendations: For Elite CRM version 1.2.11, avoid using the language...

6.1CVSS6.4AI score0.00385EPSS
Exploits0References4
Rows per page
Query Builder