CVE-2022-36137

Published November 29th, 2022

View on NVD ↗

CVSS v3

4.8

MEDIUM

CVSS v2

N/A

Affected

1

PROJECT

Description

ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow attackers to store XSS via location input sHeader.

ChurchCRM - A free and open-source Church Management Software (ChMS) to help churches manage their membership data, groups, events, and finances.

GitHub

890