CVE-2019-14331 in EspoCRM
Zusammenfassung
von MITRE
An issue was discovered in EspoCRM before 5.6.6. Stored XSS exists due to lack of filtration of user-supplied data in Create User. A malicious attacker can modify the firstName and lastName to contain JavaScript code.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.