CVE-2026-36341

Published
View on NVD ↗
CVSS v3
5.4
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS

Description

Cross-Site Scripting (XSS) vulnerability exists in Webkul Krayin CRM v2.1.5. The application fails to sanitize user-supplied input in the comment field during Activity creation on the /admin/activities/create endpoint

krayin/laravel-crm
krayin/laravel-crm
Free & Opensource Laravel CRM solution for SMEs and Enterprises for complete customer lifecycle management.
GitHubGitHub
22.7K
cybercrewinc/CVE-2026-36341
cybercrewinc/CVE-2026-36341
Cross-Site Scripting (XSS) vulnerability exists in Webkul Krayin CRM (HTML Injection)
GitHubGitHub