yetiforce/yetiforce-crm Security Advisories for 6.4.0 (6)
-
[MEDIUM] YetiForceCRM Directory Traversal vulnerability
PKSA-wy55-fcmh-dht9 CVE-2023-49508 GHSA-394m-vxwj-363j
Affected version: <6.5.0
Reported by:
GitHub -
[MEDIUM] YetiForce CRM vulnerable to stored Cross-site Scripting
PKSA-1mjy-38h5-my7f CVE-2022-3002 GHSA-v9fj-h8g6-4w9q
Affected version: <=6.4.0
Reported by:
GitHub -
[MEDIUM] YetiForce CRM vulnerable to stored Cross-site Scripting via SlaPolicy module
PKSA-yfhz-fhkc-j9kz CVE-2022-3005 GHSA-vx3x-hwph-grvw
Affected version: <=6.4.0
Reported by:
GitHub -
[MEDIUM] YetiForce CRM vulnerable to stored Cross-site Scripting via WorkFlow module
PKSA-m1h2-47p3-39p2 CVE-2022-3004 GHSA-qwc8-vjh3-gm2j
Affected version: <=6.4.0
Reported by:
GitHub -
[MEDIUM] YetiForce CRM vulnerable to stored Cross-site Scripting via LayoutEditor module
PKSA-t3b1-cwzk-gsps CVE-2022-3000 GHSA-mqh9-5jp9-6799
Affected version: <=6.4.0
Reported by:
GitHub -
[MEDIUM] YetiForce CRM vulnerable to stored Cross-site Scripting via WidgetsManagement module
PKSA-54h1-gdcr-5mcv CVE-2022-2924 GHSA-2qf8-h7pr-x2r8
Affected version: <=6.4.0
Reported by:
GitHub