Vulnerabilities

CVE-2017-14923

by Fred · 29/09/2017

Stored XSS vulnerability via IMG element at "Leadname" of CRM in Tine 2.0 Community Edition before 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users.

Date published : 2017-09-29

http://openwall.com/lists/oss-security/2017/09/28/11

https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/146c5aaafd826c1c8990333c393bff6f64c90786

Related

Tags: Cybersecurity Alert