Vulnerabilities > Yetiforce
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-06 | CVE-2022-3002 | Cross-site Scripting vulnerability in Yetiforce Customer Relationship Management Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. | 5.4 |
2022-05-05 | CVE-2022-1411 | Unrestricted Upload of File with Dangerous Type vulnerability in Yetiforce Customer Relationship Management Unrestructed file upload in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. | 4.3 |
2022-01-24 | CVE-2022-0269 | Cross-Site Request Forgery (CSRF) vulnerability in Yetiforce Customer Relationship Management Cross-Site Request Forgery (CSRF) in Packagist yetiforce/yetiforce-crm prior to 6.3.0. | 6.0 |
2021-12-16 | CVE-2021-4121 | Cross-site Scripting vulnerability in Yetiforce Customer Relationship Management yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 4.3 |
2021-12-15 | CVE-2021-4117 | Improper Input Validation vulnerability in Yetiforce Customer Relationship Management yetiforcecrm is vulnerable to Business Logic Errors | 4.0 |
2021-12-15 | CVE-2021-4116 | Cross-site Scripting vulnerability in Yetiforce Customer Relationship Management yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 3.5 |
2021-12-15 | CVE-2021-4111 | Improper Input Validation vulnerability in Yetiforce Customer Relationship Management yetiforcecrm is vulnerable to Business Logic Errors | 4.0 |
2021-12-14 | CVE-2021-4107 | Cross-site Scripting vulnerability in Yetiforce Customer Relationship Management yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 4.3 |
2021-12-11 | CVE-2021-4092 | Cross-Site Request Forgery (CSRF) vulnerability in Yetiforce Customer Relationship Management yetiforcecrm is vulnerable to Cross-Site Request Forgery (CSRF) | 4.3 |