← voltar
CVE-2021-4121

Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm

CVSS 6.4 MEDIUMEPSS 0.8%CWE-79
yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
Produtos afetados
yetiforcecompany · yetiforcecompany/yetiforcecrm

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/yetiforcecompany/yetiforcecrm/commit/6b5967198e43b6fbb3b2715b49c6cd5b12ce08c3https://huntr.dev/bounties/6da878de-acdb-4b97-b9ff-9674c3f0881d