CVE-2023-52265

Published December 30th, 2023

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

N/A

Affected

2

PROJECTS

Description

IDURAR (aka idurar-erp-crm) through 2.0.1 allows stored XSS via a PATCH request with a crafted JSON email template in the /api/email/update data.

wbowm15/jubilant-enigma

GitHub

idurar/idurar-erp-crm

Free Open Source ERP CRM Software Accounting Invoicing | Node Js React

GitHub

8.43K