Krayin Crm@1.3.0 Security Vulnerabilities and Issues — Krayin Crm@1.3.0 CVE List

Lucene search

WebkulKrayin Crm1.3.0

3 matches found

CVE•added 2024/09/27 5:15 p.m.•40 views

CVE-2024-46366

A Client-side Template Injection (CSTI) vulnerability in Webkul Krayin CRM 1.3.0 allows remote attackers to execute arbitrary client-side template code by injecting a malicious payload during the lead creation process. This can lead to privilege escalation when the payload is executed, granting the...

8.8CVSS8.3AI score0.00215EPSS

CVE•added 2024/09/27 5:15 p.m.•38 views

CVE-2024-46367

A Stored Cross-Site Scripting (XSS) vulnerability in Webkul Krayin CRM 1.3.0 allows remote attackers to inject arbitrary JavaScript code by submitting a malicious payload within the username field. This can lead to privilege escalation when the payload is executed, granting the attacker elevated pe...

9.6CVSS5.6AI score0.00215EPSS

CVE•added 2024/10/07 4:15 p.m.•35 views

CVE-2024-45932

Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting (XSS) via the organization name field in /admin/contacts/organizations/edit/2.

7.1CVSS6.2AI score0.00028EPSS