YetiForce CRM version 6.4.0 and prior is vulnerable to stored cross-site scripting. A patch is available on the developer
branch.
GSA_kwCzR0hTQS12OWZqLWg4ZzYtNHc5cc4AAvLC
YetiForce CRM vulnerable to stored Cross-site Scripting
Affected Packages | Affected Versions | Fixed Versions | |
---|---|---|---|
packagist:yetiforce/yetiforce-crm | <= 6.4.0 | No known fixed version | |
Affected Version RangesAll affected versions4.0.0, 4.1.0, 4.2.0, 4.3.0, 4.4.0, 5.0.0, 5.1.0, 5.2.0, 5.3.0, 6.0.0, 6.1.0, 6.2.0, 6.3.0, 6.4.0 |