GHSA-7v7w-f7c6-f829

GitHub Security Advisory

YetiForceCRM is vulnerable to Business Logic Errors because product amount can be a negative number

✓ GitHub Reviewed HIGH Has CVE

YetiForceCRM is vulnerable to Business Logic Errors because product amount can be a negative number.

Packagist yetiforce/yetiforce-crm

Affected versions: 0 (last affected: 6.3.0)

CVE-2021-4111

GHSA ID

GHSA-7v7w-f7c6-f829

Published

December 16, 2021 9:01 PM

Last Modified

August 11, 2022 6:47 PM

CVSS Score

7.5 /10

Primary Ecosystem

Packagist

Primary Package

yetiforce/yetiforce-crm

GitHub Reviewed

✓ Yes

Last updated: September 16, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.