Vulnerabilities > X2Engine > X2Crm > 5.4

DATE	CVE	VULNERABILITY TITLE	RISK
2021-04-14	CVE-2020-21087	Cross-site Scripting vulnerability in X2Engine X2Crm Cross Site Scripting (XSS) in X2Engine X2CRM v6.9 and older allows remote attackers to execute arbitrary code by injecting arbitrary web script or HTML via the "New Name" field of the "Rename a Module" tool. network x2engine CWE-79	4.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.