CVE-2024-41946 affecting package rubygem-rexml for versions less than 3.2.7-2

CVE-2024-41946 affecting package rubygem-rexml for versions less than 3.2.7-2. A patched version of the package is available...

Zurmo cross-site scripting vulnerability (CNVD-2019-26160)

Zurmo is the United States Zurmo company's set of PHP-based open source customer relationship management system CRM. A cross-site scripting vulnerability exists in Zurmo version 3.2.7-2. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attack...