Posts Tagged ‘EspoCRM’

espocrm logoThree new vulnerabilities in the Open Source CRM EspoCRM: PHP File Inclusion, Improper Access Control and Reflected Cross-Site Scripting.

Danger level: High
Availability Corrections: Yes
Number of vulnerabilities: 3

CVSSv2 Rating:
(AV: N / AC: H / Au: N / C: C / I: C / A: C / E: U / RL: OF / RC: C) = Base: 7.6 / Temporal: 5.6
(AV: N / AC: L / Au: N / C: N / I: N / A: P / E: U / RL: OF / RC: C) = Base: 5 / Temporal: 3.7
(AV: N / AC: M / Au: N / C: N / I: P / A: N / E: U / RL: OF / RC: C) = Base: 4.3 / Temporal: 3.2 (more…)