Vulnerability CVE-2022-2924


Published: 2022-09-20

Description:
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.3.

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://github.com/yetiforcecompany/yetiforcecrm/commit/b716ecea340783b842498425faa029800bd30420
https://huntr.dev/bounties/f0f3aded-6e97-4cf2-980a-c90f2c6ca0e0

Copyright 2022, cxsecurity.com

 

Back to Top