10 matches found
CVE-2022-40361
Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint...
Elite CRM Cross-Site Scripting Vulnerability
Elite CRM is a customer relationship management system. A cross-site scripting vulnerability exists in Elite CRM v1.2.11, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary code via the langua...
CVE-2022-40361
Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint...
CVE-2022-40361
Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint...
Cross site scripting
Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint...
CVE-2022-40361
Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint...
CVE-2022-40361
Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint...
Elite CRM 跨站脚本漏洞
Elite CRM is a customer relationship management system. A cross-site scripting vulnerability exists in Elite CRM v1.2.11, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary code via the langua...
CVE-2022-40361
Elite CRM v1.2.11 is affected by a Cross-Site Scripting (XSS) vulnerability that allows an attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint. The root cause is insufficient input handling for the language parameter. Impact per sources is limited to confident...
PT-2024-11628 · Elite Crm · Elite Crm
Name of the Vulnerable Software and Affected Versions: Elite CRM version 1.2.11 Description: A Cross Site Scripting issue allows an attacker to execute arbitrary code via the language parameter to the "/ngs/login" endpoint. Recommendations: For Elite CRM version 1.2.11, avoid using the language...