Vulnerabilities > Yetiforce > Yetiforce Customer Relationship Management > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-16 | CVE-2023-49508 | Path Traversal vulnerability in Yetiforce Customer Relationship Management Directory Traversal vulnerability in YetiForceCompany YetiForceCRM versions 6.4.0 and before allows a remote authenticated attacker to obtain sensitive information via the license parameter in the LibraryLicense.php component. | 6.5 |
| 2022-10-06 | CVE-2022-3002 | Unspecified vulnerability in Yetiforce Customer Relationship Management Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. | 5.4 |
| 2022-09-20 | CVE-2022-3005 | Unspecified vulnerability in Yetiforce Customer Relationship Management Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. | 5.4 |
| 2022-09-20 | CVE-2022-3004 | Unspecified vulnerability in Yetiforce Customer Relationship Management Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. | 5.4 |
| 2022-09-20 | CVE-2022-3000 | Unspecified vulnerability in Yetiforce Customer Relationship Management Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. | 5.4 |
| 2022-09-20 | CVE-2022-2924 | Unspecified vulnerability in Yetiforce Customer Relationship Management Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.3. | 5.4 |
| 2022-08-23 | CVE-2022-2829 | Unspecified vulnerability in Yetiforce Customer Relationship Management Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. | 5.4 |
| 2022-08-22 | CVE-2022-2890 | Unspecified vulnerability in Yetiforce Customer Relationship Management Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. | 5.4 |
| 2022-08-22 | CVE-2022-1340 | Unspecified vulnerability in Yetiforce Customer Relationship Management Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. | 5.4 |
| 2022-08-21 | CVE-2022-2885 | Unspecified vulnerability in Yetiforce Customer Relationship Management Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. | 4.8 |