CVE-2022-41978

Auth. (subscriber+) Arbitrary Options Update vulnerability in Zoho CRM Lead Magnet plugin

CVE-2021-33849

A Cross-Site Scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user’s browser while the browser is connected to a trusted website. The attack targets your application's users and not the application itself while using your application as the attack's vehicle. The XSS payload ...