CVE-2019-14331 in EspoCRMinfo

Zusammenfassung

von MITRE

An issue was discovered in EspoCRM before 5.6.6. Stored XSS exists due to lack of filtration of user-supplied data in Create User. A malicious attacker can modify the firstName and lastName to contain JavaScript code.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservieren

28.07.2019

Moderieren

akzeptiert

Eintrag

VDB-138891

CPE

bereit

EPSS

0.01327

KEV

nein

Aktivitäten

very low

Quellen

Interested in the pricing of exploits?

See the underground prices here!