PT-2026-5844 · Espocrm · Espocrm

Published: 2026-02-03 · Updated: 2026-03-03 · CVE-2020-37094

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

EspoCRM version 5.8.5

Description

The software contains an authentication issue that allows unauthorized access to user accounts. Attackers can manipulate authorization headers, specifically decoding and modifying Basic Authorization and Espo-Authorization tokens, to gain access to administrative user information and privileges.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

LPE

IDOR

Weakness Enumeration

Related Identifiers

CVE-2020-37094

Affected Products

Espocrm