Vulnerabilities > X2Crm

DATE CVE VULNERABILITY TITLE RISK
2023-04-15 CVE-2022-48177 Cross-site Scripting vulnerability in X2Crm 6.6/6.9
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the adin/importModels Import Records Model field (model parameter).
network
low complexity
x2crm CWE-79
5.4
2023-04-15 CVE-2022-48178 Cross-site Scripting vulnerability in X2Crm 6.6/6.9
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Create Action function, aka an index.php/actions/update URI.
network
low complexity
x2crm CWE-79
5.4