Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:44 a.m.11 views

CVE-2024-48120

X2CRM v8.5 is vulnerable to a stored Cross-Site Scripting XSS in the "Opportunities" module. An attacker can inject malicious JavaScript code into the "Name" field when creating a list...

6.5CVSS5.7AI score0.00624EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:27 a.m.5 views

CVE-2022-48177

X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a reflected cross-site scripting XSS vulnerability via the adin/importModels Import Records Model field model parameter. This vulnerability allows attackers to create malicious JavaScript that will be executed by the victim user's...

5.4CVSS6AI score0.01831EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2025/05/22 12:49 a.m.10 views

CVE-2013-5693

Cross-site scripting XSS vulnerability in X2Engine X2CRM before 3.5 allows remote attackers to inject arbitrary web script or HTML via the model parameter to index.php/admin/editor...

4.3CVSS5.8AI score0.03232EPSS
Exploits6References1
OSV
OSV
added 2023/04/15 1:15 a.m.1 views

CVE-2022-48178

X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Create Action function, aka an index.php/actions/update URI...

5.4CVSS6AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/04/15 12:0 a.m.6 views

CVE-2022-48177

X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a reflected cross-site scripting XSS vulnerability via the adin/importModels Import Records Model field model parameter. This vulnerability allows attackers to create malicious JavaScript that will be executed by the victim user's...

5.3AI score0.01831EPSS
Exploits4References2
Positive Technologies
Positive Technologies
added 2023/04/15 12:0 a.m.7 views

PT-2023-15602

Name of the Vulnerable Software and Affected Versions X2CRM Open Source Sales CRM versions 6.6 through 6.9 Description A reflected cross-site scripting XSS issue was discovered in X2CRM Open Source Sales CRM. This issue allows attackers to create malicious JavaScript that will be executed by the...

5.4CVSS6AI score0.01831EPSS
Exploits4References8
CNVD
CNVD
added 2021/04/15 12:0 a.m.5 views

pczupil X2CRM Cross-Site Scripting Vulnerability

pczupil X2CRM is a pczupil open source application. A next generation open source social selling application for small and medium sized businesses. A cross-site scripting vulnerability exists in pczupil X2CRM version 7.1, which can be exploited to inject arbitrary web script or HTML via the...

6.1CVSS5.8AI score0.00918EPSS
Exploits1References1
Rows per page
Query Builder