pkg:Packagist/yetiforce/yetiforce-crm

All known vulnerabilities

• HIGH8.0CVE-2022-0269Cross-Site Request Forgery in yetiforce
  from 0, <= 6.3.0
• HIGH7.3CVE-2021-4111YetiForceCRM is vulnerable to Business Logic Errors because product amount can be a negative number
  from 0, <= 6.3.0
• MEDIUM6.6CVE-2021-4116yetiforcecrm is vulnerable to Cross-site Scripting
  from 0, <= 6.3.0
• MEDIUM6.5CVE-2023-49508YetiForceCRM Directory Traversal vulnerability
  from 0, < 6.5.0
• MEDIUM6.4CVE-2021-4121yetiforcecrm is vulnerable to Cross-site Scripting
  from 0, <= 6.3.0
• MEDIUM6.1CVE-2022-1411Unrestricted Upload of File with Dangerous Type in yetiforce-crm
  from 0, < 6.4.0
• MEDIUM5.4CVE-2022-3002YetiForce CRM vulnerable to stored Cross-site Scripting
  from 0, <= 6.4.0
• MEDIUM5.4CVE-2022-2924YetiForce CRM vulnerable to stored Cross-site Scripting via WidgetsManagement module
  from 0, <= 6.4.0
• MEDIUM5.4CVE-2022-3000YetiForce CRM vulnerable to stored Cross-site Scripting via LayoutEditor module
  from 0, <= 6.4.0
• MEDIUM5.4CVE-2022-3004YetiForce CRM vulnerable to stored Cross-site Scripting via WorkFlow module
  from 0, <= 6.4.0
• MEDIUM5.4CVE-2022-3005YetiForce CRM vulnerable to stored Cross-site Scripting via SlaPolicy module
  from 0, <= 6.4.0
• MEDIUM5.4CVE-2022-1340Cross site scripting in yetiforce/yetiforce-crm
  from 0, < 6.4.0
• MEDIUM5.4CVE-2022-2890Cross site scripting in yetiforce/yetiforce-crm
  from 0, < 6.4.0
• MEDIUM5.3CVE-2021-4107yetiforcecrm is vulnerable to Cross-site Scripting
  from 0, <= 6.3.0
• MEDIUM4.8CVE-2022-2885Cross site scripting in yetiforce/yetiforce-crm
  from 0, < 6.4.0
• MEDIUM4.3CVE-2021-4117YetiForceCRM is vulnerable to Business Logic Errors in the weight of a product
  from 0, <= 6.3.0
• MEDIUM4.3CVE-2021-4092yetiforcecrm is vulnerable to Cross-Site Request Forgery (CSRF)
  from 0, < 6.3.0