CVE-2018-17301

CVE-2018-17301

EPSS 0.7%

Reflected XSS exists in client/res/templates/global-search/name-field.tpl in EspoCRM 5.3.6 via /#Account in the search panel.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/espocrm/espocrm/issues/1038 https://github.com/security-breachlock/CVE-2018-17301/blob/master/Non-persistent%20XSS%20in%20EspoCRM.pdf