Количество 2
Количество 2
CVE-2019-10226
HTML Injection has been discovered in the v0.19.0 version of the Fat Free CRM product via an authenticated request to the /comments URI. NOTE: the vendor disputes the significance of this report because some HTML formatting (such as with an H1 element) is allowed, but there is a XSS protection mechanism.
GHSA-gmg5-r3c4-3fm9
Withdrawn Advisory: Fat Free CRM Cross-site Scripting vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-10226 HTML Injection has been discovered in the v0.19.0 version of the Fat Free CRM product via an authenticated request to the /comments URI. NOTE: the vendor disputes the significance of this report because some HTML formatting (such as with an H1 element) is allowed, but there is a XSS protection mechanism. | CVSS3: 5.4 | 2% Низкий | больше 6 лет назад |
| GHSA-gmg5-r3c4-3fm9 Withdrawn Advisory: Fat Free CRM Cross-site Scripting vulnerability | CVSS3: 5.4 | 2% Низкий | больше 3 лет назад |
Уязвимостей на страницу