2 matches found
CVE-2018-17302
Stored XSS exists in views/fields/wysiwyg.js in EspoCRM 5.3.6 via a /Email/view saved draft message...
EspoCRM Cross-Site Scripting Vulnerability
EspoCRM is an open source web-based customer relationship management CRM system. The system provides features such as sales automation, community and customer support. A cross-site scripting vulnerability exists in the views/fields/wysiwyg.js file in EspoCRM version 5.3.6. A remote attacker can...