CVE-2021-4116

Description

yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').

Affected packages (1)

• Packagist/yetiforce/yetiforce-crmfrom 0, <= 6.3.0

CVSS scores

References (4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-4116
• PATCHhttps://github.com/yetiforcecompany/yetiforcecrm
• WEBhttps://github.com/yetiforcecompany/yetiforcecrm/commit/9cdb012ca64ff1f719f8120d5fd162cd5ef1013f
• WEBhttps://huntr.dev/bounties/7561bae7-9053-4dc8-aa59-b71acfb1712c