Lucene search

K
WebkulKrayin Crm

5 matches found

CVE
CVE
added 2025/04/14 2:15 p.m.66 views

CVE-2025-3568

A vulnerability has been found in Webkul Krayin CRM up to 2.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/settings/users/edit/ of the component SVG File Handler. The manipulation leads to cross site scripting. The attack can be laun...

5.4CVSS3.8AI score0.00045EPSS
CVE
CVE
added 2023/05/27 9:15 a.m.43 views

CVE-2023-2925

A vulnerability, which was classified as problematic, was found in Webkul krayin crm 1.2.4. This affects an unknown part of the file /admin/contacts/organizations/edit/2 of the component Edit Person Page. The manipulation of the argument Organization leads to cross site scripting. It is possible to...

5.4CVSS4.3AI score0.00082EPSS
CVE
CVE
added 2024/09/27 5:15 p.m.40 views

CVE-2024-46366

A Client-side Template Injection (CSTI) vulnerability in Webkul Krayin CRM 1.3.0 allows remote attackers to execute arbitrary client-side template code by injecting a malicious payload during the lead creation process. This can lead to privilege escalation when the payload is executed, granting the...

8.8CVSS8.3AI score0.00215EPSS
CVE
CVE
added 2024/09/27 5:15 p.m.38 views

CVE-2024-46367

A Stored Cross-Site Scripting (XSS) vulnerability in Webkul Krayin CRM 1.3.0 allows remote attackers to inject arbitrary JavaScript code by submitting a malicious payload within the username field. This can lead to privilege escalation when the payload is executed, granting the attacker elevated pe...

9.6CVSS5.6AI score0.00215EPSS
CVE
CVE
added 2024/10/07 4:15 p.m.35 views

CVE-2024-45932

Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting (XSS) via the organization name field in /admin/contacts/organizations/edit/2.

7.1CVSS6.2AI score0.00028EPSS