cybercrewinc/CVE-2026-36341

Releases0

Cross-Site Scripting (XSS) vulnerability exists in Webkul Krayin CRM (HTML Injection)

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-36341 ↗	May 7, 2026Thursday, 7 May 2026, 16:16	5.4 MEDIUM	—
Cross-Site Scripting (XSS) vulnerability exists in Webkul Krayin CRM v2.1.5. The application fails to sanitize user-supplied input in the comment field during Activity creation on the /admin/activities/create endpoint