Saturnusdj

**Name of the Vulnerable Software and Affected Versions** EspoCRM versions 9.1.6 and below **Description** EspoCRM is a web application featuring a single-page application frontend and a PHP-based REST API backend. If a user accesses EspoCRM in a browser with double slashes (e.g., `https://domain//#Admin`) and the webserver does not remove the double slash, it can corrupt the Slim router's cache, rendering the instance unusable until the cache is rebuilt. **Recommendations** Upgrade to version 9.1.7 or later.