Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
yetiforcecompany

yetiforcecompany/yetiforcecrm

1 Version 17 CVEs

Versions

unspecified

OTHER 17 CVEs

Recent CVEs

CVE-2022-2829

Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.

HIGH Aug 23, 2022

CVE-2022-1340

Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.

HIGH Aug 22, 2022

CVE-2022-2885

Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.

MEDIUM Aug 21, 2022

CVE-2022-1411

Unrestructed file upload in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. Attacker can send malicious files to the victims is able to retrieve the stored data from the web application without that data being made safe to render in the browser and steals victim's cookie leads to account takeover.

CRITICAL May 05, 2022

CVE-2021-4121

yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

MEDIUM Dec 16, 2021

CVE-2021-4117

yetiforcecrm is vulnerable to Business Logic Errors

HIGH Dec 15, 2021

CVE-2021-4116

yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

MEDIUM Dec 15, 2021

CVE-2021-4111

yetiforcecrm is vulnerable to Business Logic Errors

HIGH Dec 15, 2021

CVE-2021-4107

yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

MEDIUM Dec 14, 2021

CVE-2021-4092

yetiforcecrm is vulnerable to Cross-Site Request Forgery (CSRF)

MEDIUM Dec 11, 2021