CVE-2021-4121

Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm

CVSS 6.4 MEDIUMEPSS 0.8%CWE-79

yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

Productos afectados

yetiforcecompany · yetiforcecompany/yetiforcecrm

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/yetiforcecompany/yetiforcecrm/commit/6b5967198e43b6fbb3b2715b49c6cd5b12ce08c3 https://huntr.dev/bounties/6da878de-acdb-4b97-b9ff-9674c3f0881d