Vulnerabilities > Yetiforce

DATE CVE VULNERABILITY TITLE RISK
2022-10-06 CVE-2022-3002 Cross-site Scripting vulnerability in Yetiforce Customer Relationship Management
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.
network
low complexity
yetiforce CWE-79
5.4
2022-05-05 CVE-2022-1411 Unrestricted Upload of File with Dangerous Type vulnerability in Yetiforce Customer Relationship Management
Unrestructed file upload in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.
network
yetiforce CWE-434
4.3
2022-01-24 CVE-2022-0269 Cross-Site Request Forgery (CSRF) vulnerability in Yetiforce Customer Relationship Management
Cross-Site Request Forgery (CSRF) in Packagist yetiforce/yetiforce-crm prior to 6.3.0.
network
yetiforce CWE-352
6.0
2021-12-16 CVE-2021-4121 Cross-site Scripting vulnerability in Yetiforce Customer Relationship Management
yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
yetiforce CWE-79
4.3
2021-12-15 CVE-2021-4117 Improper Input Validation vulnerability in Yetiforce Customer Relationship Management
yetiforcecrm is vulnerable to Business Logic Errors
network
low complexity
yetiforce CWE-20
4.0
2021-12-15 CVE-2021-4116 Cross-site Scripting vulnerability in Yetiforce Customer Relationship Management
yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
yetiforce CWE-79
3.5
2021-12-15 CVE-2021-4111 Improper Input Validation vulnerability in Yetiforce Customer Relationship Management
yetiforcecrm is vulnerable to Business Logic Errors
network
low complexity
yetiforce CWE-20
4.0
2021-12-14 CVE-2021-4107 Cross-site Scripting vulnerability in Yetiforce Customer Relationship Management
yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
yetiforce CWE-79
4.3
2021-12-11 CVE-2021-4092 Cross-Site Request Forgery (CSRF) vulnerability in Yetiforce Customer Relationship Management
yetiforcecrm is vulnerable to Cross-Site Request Forgery (CSRF)
network
yetiforce CWE-352
4.3