Vulnerabilities > Churchcrm > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-11-29 CVE-2022-36137 Cross-site Scripting vulnerability in Churchcrm 4.4.5
ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow attackers to store XSS via location input sHeader.
network
low complexity
churchcrm CWE-79
4.8
4.8