CVE-2020-10227

A cross-site scripting (XSS) vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email.

Date published : 2020-09-14

https://sourceforge.net/projects/vtecrm/

https://vtenext.com/en/