Fat Free Crm Security Vulnerabilities and Issues — Fat Free Crm CVE List

Lucene search

FatfreecrmFat Free Crm

2 matches found

CVE•added 2019/06/10 11:29 p.m.•108 views

CVE-2019-10226

HTML Injection has been discovered in the v0.19.0 version of the Fat Free CRM product via an authenticated request to the /comments URI. NOTE: the vendor disputes the significance of this report because some HTML formatting (such as with an H1 element) is allowed, but there is a XSS protection mech...

5.4CVSS5.2AI score0.02501EPSS

CVE•added 2019/08/20 1:15 p.m.•60 views

CVE-2018-20975

Fat Free CRM before 0.18.1 has XSS in the tags_helper in app/helpers/tags_helper.rb.

6.1CVSS5.9AI score0.00301EPSS