CVE-2026-33657 | EspoCRM up to 9.3.3 post cross site scripting

Inserito da Angelo Barbosa | Apr 13, 2026 | CVE

A vulnerability, which was classified as problematic, was found in EspoCRM up to 9.3.3. This impacts an unknown function. Such manipulation of the argument post leads to basic cross site scripting.

This vulnerability is uniquely identified as CVE-2026-33657. The attack can be launched remotely. No exploit exists.

You should upgrade the affected component.

CVE-2026-33657 | EspoCRM up to 9.3.3 post cross site scripting

Post correlati

CVE-2025-8706 | Wanzhou WOES Intelligent Optimization Energy Saving System Energy Overview Module CreateFunctionLog sql injection

CVE-2024-33659 | AMI AptioV up to BKS_5.38 BIOS input validation

CVE-2025-0357 | Iqonic Design WPBookit Plugin up to 1.6.9 on WordPress handle_image_upload unrestricted upload

CVE-2024-33818 | Globitel KSA SpeechLog 8.1 userID resource injection