CVE-2024-8867 | Perfex CRM 3.1.6 Parameter Clients.php message cross site scripting

Inserito da Angelo Barbosa | Set 14, 2024 | CVE

A vulnerability was found in Perfex CRM 3.1.6. It has been declared as problematic. This vulnerability affects unknown code of the file application/controllers/Clients.php of the component Parameter Handler. The manipulation of the argument message leads to cross site scripting.

This vulnerability was named CVE-2024-8867. The attack can be initiated remotely. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-8867 | Perfex CRM 3.1.6 Parameter Clients.php message cross site scripting

Post correlati

CVE-2022-30636 | x-crypto prior 0.0.0-20220525230936-793ad666bf5e on Go path traversal

CVE-2024-2222 | Advanced Classifieds & Directory Pro Plugin up to 3.0.0 on WordPress Attachment authorization

CVE-2024-0186 | HuiRan Host Reseller System up to 2.0.0 HTTP POST Request findpass password recovery

CVE-2024-1320 | EventPrime Plugin up to 3.4.3 on WordPress cross site scripting