Lucene search
Veracode Vulnerability DatabaseVERACODE:37204HistorySep 20, 2022 - 4:08 p.m.
Cross Site Scripting (XSS)
2022-09-2016:08:26
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
yetiforcecrm
stored cross-site scripting
vulnerability
workflowmodel
EPSS
0.001
Percentile
21.4%
Yetiforcecrm is vulnerable to stored cross-site scripting. The vulnerability is due to the workflowModel not sanitizing the summary field, allowing an attacker to inject script tags via the workflow module settings, which results in stored cross-site scripting.
Related
huntr
huntr
Persistent Cross Site Scripting - Workflow Module - Settings
2022-08-19 17:45:24
osv
osv
YetiForce CRM vulnerable to stored Cross-site Scripting via WorkFlow module
2022-09-21 00:00:52
CVE-2022-3004
2022-09-20 10:15:10
cvelist
cvelist
prion
prion
Cross site scripting
2022-09-20 10:15:00
github
github
YetiForce CRM vulnerable to stored Cross-site Scripting via WorkFlow module
2022-09-21 00:00:52
nvd
nvd
CVE-2022-3004
2022-09-20 10:15:10
cve
cve
CVE-2022-3004
2022-09-20 10:15:10