X2crm Security Vulnerabilities and Issues — X2crm CVE List

Lucene search

X2engineX2crm

3 matches found

CVE•added 2013/09/30 10:55 p.m.•60 views

CVE-2013-5693

Cross-site scripting (XSS) vulnerability in X2Engine X2CRM before 3.5 allows remote attackers to inject arbitrary web script or HTML via the model parameter to index.php/admin/editor.

4.3CVSS5.6AI score0.00432EPSS

CVE•added 2015/09/29 7:59 p.m.•39 views

CVE-2015-5076

Multiple cross-site scripting (XSS) vulnerabilities in X2Engine X2CRM before 5.0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) version parameter in protected/views/admin/formEditor.php; the (2) importId parameter in protected/views/admin/rollbackImport.php; the (3) bc,...

4.3CVSS5.8AI score0.00305EPSS

CVE•added 2021/04/14 2:15 p.m.•28 views

CVE-2020-21088

Cross Site Scripting (XSS) in X2engine X2CRM v7.1 and older allows remote attackers to obtain sensitive information by injecting arbitrary web script or HTML via the "First Name" and "Last Name" fields in "/index.php/contacts/create page"

4.8CVSS4.9AI score0.00194EPSS