YetiForceCrm is an open source Crm system from the Polish company YetiForce. versions prior to YetiForceCrm 6.4.0 have a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data, which can be exploited by attackers to cause cross-site scripting attacks.
CPE | Name | Operator | Version |
---|---|---|---|
yetiforce yetiforcecrm | lt | 6.4.0 |