1 results (0.005 seconds)
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-40361
https://notcve.org/view.php?id=CVE-2022-40361
11 Jan 2024 — Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint. La vulnerabilidad de cross site scripting en Elite CRM v1.2.11 permite a un atacante ejecutar código arbitrario a través del parámetro de idioma en el endpoint /ngs/login. • https://elitecrm.co • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •