Vulnerabilities > Oroinc > Client Relationship Management > 4.2.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-28 | CVE-2023-32063 | Improper Access Control vulnerability in Oroinc Client Relationship Management OroCalendarBundle enables a Calendar feature and related functionality in Oro applications. | 5.0 |
| 2021-11-19 | CVE-2021-39198 | Cross-Site Request Forgery (CSRF) vulnerability in Oroinc Client Relationship Management OroCRM is an open source Client Relationship Management (CRM) application. | 5.8 |