Lucene search
China National Vulnerability DatabaseCNVD-2022-69154HistoryOct 10, 2022 - 12:00 a.m.
YetiForceCrm Cross-Site Scripting Vulnerability (CNVD-2022-69154)
2022-10-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
yetiforcecrm
open source
cross-site scripting prevention
0.001 Low
EPSS
Percentile
21.6%
YetiForceCrm is an open source Crm system from the Polish company YetiForce. versions prior to YetiForceCrm 6.4.0 have a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data, which can be exploited by attackers to cause cross-site scripting attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| yetiforce yetiforcecrm | lt | 6.4.0 |
Related
veracode
veracode
Cross-site Scripting (XSS)
2022-10-07 06:20:45
prion
prion
Cross site scripting
2022-10-06 18:16:00
huntr
huntr
Persistent Cross Site Scripting - BusinessHours Module - Settings
2022-08-19 17:57:00
nvd
nvd
CVE-2022-3002
2022-10-06 18:16:19
cvelist
cvelist
osv
osv
YetiForce CRM vulnerable to stored Cross-site Scripting
2022-10-06 18:52:03
CVE-2022-3002
2022-10-06 18:16:19
github
github
YetiForce CRM vulnerable to stored Cross-site Scripting
2022-10-06 18:52:03
cve
cve
CVE-2022-3002
2022-10-06 18:16:19