WEB APPLICATION VULNERABILITIES Standard & Premium

YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2924)

Description

Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.3.

Remediation

References

Related Vulnerabilities

Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.5)

Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9891)

WordPress Plugin Broadcast Live Video-Live Streaming:HTML5, WebRTC, HLS, RTSP, RTMP Multiple Cross-Site Scripting Vulnerabilities (4.29.6)

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24728)

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-25644)

Severity

Medium

Classification

CVE-2022-2924 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities