GHSA-rp42-c45j-g46x

GitHub Security Advisory

yetiforcecrm is vulnerable to Cross-site Scripting

✓ GitHub Reviewed MODERATE Has CVE

yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').

Packagist yetiforce/yetiforce-crm

Affected versions: 0 (last affected: 6.3.0)

CVE-2021-4107

GHSA ID

GHSA-rp42-c45j-g46x

Published

December 16, 2021 2:12 PM

Last Modified

December 16, 2021 2:09 PM

CVSS Score

5.0 /10

Primary Ecosystem

Packagist

Primary Package

yetiforce/yetiforce-crm

GitHub Reviewed

✓ Yes

Last updated: September 16, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.