Vulnerabilities > Espocrm > Espocrm > 5.6.4

DATE CVE VULNERABILITY TITLE RISK
2019-07-28 CVE-2019-14350 Cross-site Scripting vulnerability in Espocrm 5.6.4
EspoCRM 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the Knowledge base.
network
espocrm CWE-79
4.3
4.3
2019-07-28 CVE-2019-14349 Cross-site Scripting vulnerability in Espocrm 5.6.4
EspoCRM version 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the api/v1/Document functionality for storing documents in the account tab.
network
espocrm CWE-79
4.3
4.3
2019-07-28 CVE-2019-14331 Cross-site Scripting vulnerability in Espocrm
An issue was discovered in EspoCRM before 5.6.6.
network
espocrm CWE-79
4.3
4.3
2019-07-28 CVE-2019-14330 Cross-site Scripting vulnerability in Espocrm
An issue was discovered in EspoCRM before 5.6.6.
network
espocrm CWE-79
4.3
4.3
2019-07-28 CVE-2019-14329 Cross-site Scripting vulnerability in Espocrm
An issue was discovered in EspoCRM before 5.6.6.
network
espocrm CWE-79
4.3
4.3