Description
Reflected XSS exists in client/res/templates/global-search/name-field.tpl in EspoCRM 5.3.6 via /#Account in the search panel.
Remediation
References
Related Vulnerabilities
Perl Out-of-bounds Write Vulnerability (CVE-2018-6797)
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3732)
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.4)
Internet Information Services Improper Input Validation Vulnerability (CVE-2009-4445)
Drupal Incorrect Authorization Vulnerability (CVE-2011-2726)