PT-2021-11762 · Unknown · Group Office Crm

Fatih Çelik

·

Published

2021-04-14

·

Updated

2021-04-19

·

CVE-2020-35419

CVSS v3.1

6.1

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Group Office CRM version 6.4.196
Description: The issue concerns a Cross Site Scripting (XSS) problem. It is related to the SET LANGUAGE parameter.
Recommendations: For Group Office CRM version 6.4.196, avoid using the SET LANGUAGE parameter until the issue is resolved.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2020-35419

Affected Products

Group Office Crm