Vulnerabilities > CVE-2021-4107 - Unspecified vulnerability in Yetiforce Customer Relationship Management
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Vulnerable Configurations
References
- https://github.com/yetiforcecompany/yetiforcecrm/commit/a062d3d5fecb000db207a2ad8a446db97ad96b89
- https://github.com/yetiforcecompany/yetiforcecrm/commit/a062d3d5fecb000db207a2ad8a446db97ad96b89
- https://huntr.dev/bounties/1d124520-cf29-4539-a0f3-6d041af7b5a8
- https://huntr.dev/bounties/1d124520-cf29-4539-a0f3-6d041af7b5a8