Fatfreecrm - Fat Free Crm CVE

Filtered by vendor Fatfreecrm Subscribe

Filtered by product Fat Free Crm

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-10226	1 Fatfreecrm	1 Fat Free Crm	2020-08-24	4.3 MEDIUM	5.4 MEDIUM
HTML Injection has been discovered in the v0.19.0 version of the Fat Free CRM product via an authenticated request to the /comments URI.
CVE-2018-20975	1 Fatfreecrm	1 Fat Free Crm	2019-08-26	4.3 MEDIUM	6.1 MEDIUM
Fat Free CRM before 0.18.1 has XSS in the tags_helper in app/helpers/tags_helper.rb.

Vulnerabilities (CVE)