Lucene search
Veracode Vulnerability DatabaseVERACODE:20670HistoryJul 08, 2019 - 2:54 a.m.
Cross-site Scripting (XSS)
2019-07-0802:54:56
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
49.6%
fat_free_crm is vulnerable to cross-site scripting (XSS). The vulnerability exists through query in app/helpers/tags_helper.rb.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fat_free_crm | eq | 0.18.0 | |
| fat_free_crm | le | 0.15.1 | |
| fat_free_crm | le | 0.17.2 | |
| fat_free_crm | le | 0.14.1 | |
| fat_free_crm | le | 0.16.3 |
References
github.com/asteinhauser/fat_free_crm/commit/306f940b26ccf3f406665f07bece1229a7a5dcfa
github.com/asteinhauser/fat_free_crm/issues/1
github.com/fatfreecrm/fat_free_crm/commit/6d60bc8ed010c4eda05d6645c64849f415f68d65
github.com/fatfreecrm/fat_free_crm/wiki/XSS-Vulnerability-%282018-10-27%29
groups.google.com/forum/#!topic/fat-free-crm-users/TxsdZXSe7Jc
Related
prion
prion
Cross site scripting
2018-12-20 15:29:00
nvd
nvd
CVE-2018-1000842
2018-12-20 15:29:01
github
github
Fat Free CRM vulnerable to Cross-site Scripting
2018-12-20 22:01:54
cvelist
cvelist
CVE-2018-1000842
2022-10-03 16:21:59
cve
cve
CVE-2018-1000842
2022-10-03 16:21:59
osv
osv
Fat Free CRM vulnerable to Cross-site Scripting
2018-12-20 22:01:54
CVE-2018-1000842
2018-12-20 15:29:01