Vulnerabilities > Daybydaycrm > Daybyday > 2.1.0

DATE CVE VULNERABILITY TITLE RISK
2020-12-25 CVE-2020-35707 Cross-site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0
Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen.
network
low complexity
daybydaycrm CWE-79
5.4
5.4
2020-12-25 CVE-2020-35706 Cross-site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0
Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Project screen.
network
low complexity
daybydaycrm CWE-79
5.4
5.4
2020-12-25 CVE-2020-35705 Cross-site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0
Daybyday 2.1.0 allows stored XSS via the Name parameter to the New User screen.
network
low complexity
daybydaycrm CWE-79
5.4
5.4
2020-12-25 CVE-2020-35704 Cross-site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0
Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Lead screen.
network
low complexity
daybydaycrm CWE-79
5.4
5.4