Vulnerability Details CVE-2021-4107
yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.1%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 4.3
References
- https://github.com/yetiforcecompany/yetiforcecrm/commit/a062d3d5fecb000db207a2ad8a446db97ad96b89
- https://huntr.dev/bounties/1d124520-cf29-4539-a0f3-6d041af7b5a8
- https://github.com/yetiforcecompany/yetiforcecrm/commit/a062d3d5fecb000db207a2ad8a446db97ad96b89
- https://huntr.dev/bounties/1d124520-cf29-4539-a0f3-6d041af7b5a8
Products affected by CVE-2021-4107
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:-
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:1.1.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:1.2.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:1.3.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:1.4.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:2.0.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:2.1.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:2.2.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:2.3.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:2.3.16
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:2.3.49
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:3.0.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:3.1.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:3.2.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:3.3.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:3.4.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:4.0.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:4.1.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:4.2.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:4.3.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:4.4.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:5.0.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:5.1.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:5.2.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:5.3.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:6.0.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:6.1.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:6.2.0
-
cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:6.3.0