9 matches found
ChurchCRM Cross-Site Scripting Vulnerability (CNVD-2023-64218)
ChurchCRM is an open source CRM system for churches. A cross-site scripting vulnerability exists in ChurchCRM version 4.2.1, which stems from the lack of effective filtering and escaping of user-supplied data in the Add New Deposit field of the View All Deposit module, and can be exploited by an...
CVE-2020-28849
Cross Site Scripting XSS vulnerability in ChurchCRM version 4.2.1, allows remote attckers to execute arbitrary code and gain sensitive information via crafted payload in Add New Deposit field in View All Deposit module...
CVE-2020-28849
Cross Site Scripting XSS vulnerability in ChurchCRM version 4.2.1, allows remote attckers to execute arbitrary code and gain sensitive information via crafted payload in Add New Deposit field in View All Deposit module...
Cross site scripting
Cross Site Scripting XSS vulnerability in ChurchCRM version 4.2.1, allows remote attckers to execute arbitrary code and gain sensitive information via crafted payload in Add New Deposit field in View All Deposit module...
CVE-2020-28849
ChurchCRM 4.2.1 is affected by a Cross-Site Scripting (XSS) vulnerability in the Add New Deposit field of the View All Deposit module. The flaw arises from insufficient input filtering/escaping of user-supplied data, enabling remote attackers to inject arbitrary script or HTML. Multiple connected...
ChurchCRM 跨站脚本漏洞
ChurchCRM is an open source CRM system for churches. A cross-site scripting vulnerability exists in ChurchCRM version 4.2.1, which stems from the lack of effective filtering and escaping of user-supplied data in the Add New Deposit field of the View All Deposit module, and can be exploited by an...
CVE-2020-28849
Cross Site Scripting XSS vulnerability in ChurchCRM version 4.2.1, allows remote attckers to execute arbitrary code and gain sensitive information via crafted payload in Add New Deposit field in View All Deposit module...
CVE-2020-28849
Cross Site Scripting XSS vulnerability in ChurchCRM version 4.2.1, allows remote attckers to execute arbitrary code and gain sensitive information via crafted payload in Add New Deposit field in View All Deposit module...
PT-2023-11772 · Churchcrm · Churchcrm
Name of the Vulnerable Software and Affected Versions: ChurchCRM version 4.2.1 Description: The issue allows remote attackers to execute arbitrary code and gain sensitive information via a crafted payload in the Add New Deposit field in the View All Deposit module. This is a Cross Site Scripting...