CVE-2019-14331 in EspoCRMinformation

Résumé

par MITRE

An issue was discovered in EspoCRM before 5.6.6. Stored XSS exists due to lack of filtration of user-supplied data in Create User. A malicious attacker can modify the firstName and lastName to contain JavaScript code.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Réserver

28/07/2019

Modérer

accepté

Entrée

VDB-138891

CPE

prêt

EPSS

0.01327

KEV

non

Activités

très faible

Sources

Might our Artificial Intelligence support you?

Check our Alexa App!