Vulnerabilities > Daybydaycrm > Daybyday CRM > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-01-05 CVE-2022-22107 Missing Authorization vulnerability in Daybydaycrm Daybyday CRM 2.2.0
In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization.
network
low complexity
daybydaycrm CWE-862
4.3
4.3
2022-01-05 CVE-2022-22108 Missing Authorization vulnerability in Daybydaycrm Daybyday CRM 2.2.0
In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization.
network
low complexity
daybydaycrm CWE-862
4.3
4.3
2022-01-05 CVE-2022-22109 Cross-site Scripting vulnerability in Daybydaycrm Daybyday CRM 2.2.0
In Daybyday CRM, version 2.2.0 is vulnerable to Stored Cross-Site Scripting (XSS) vulnerability that allows low privileged application users to store malicious scripts in the title field of new tasks.
network
low complexity
daybydaycrm CWE-79
5.4
5.4