YetiForceCrm is an open source Crm system from the Polish company YetiForce. YetiForceCrm version 6.3.0 previously contained a cross-site request forgery vulnerability, which stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the vulnerability to execute JavaScript code on the client side.