Yetiforce: >> Yetiforce Customer Relationship Management >> 3.1.0 Security Vulnerabilities
Directory Traversal vulnerability in YetiForceCompany YetiForceCRM versions 6.4.0 and before allows a remote authenticated attacker to obtain sensitive information via the license parameter in the LibraryLicense.php component.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-02-16
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.
CVSS Score
5.4
EPSS Score
0.01
Published
2022-10-06
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-09-20
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.
CVSS Score
6.3
EPSS Score
0.001
Published
2022-09-20
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.
CVSS Score
6.3
EPSS Score
0.001
Published
2022-09-20
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.3.
CVSS Score
7.1
EPSS Score
0.01
Published
2022-09-20
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-08-23
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.
CVSS Score
9.0
EPSS Score
0.001
Published
2022-08-22
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.
CVSS Score
7.0
EPSS Score
0.001
Published
2022-08-22
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.
CVSS Score
6.7
EPSS Score
0.001
Published
2022-08-21
Page 1