Vulnerabilities

CVE-2023-5965

by Fred · 30/11/2023

An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the update form, which could lead to arbitrary PHP code execution.

Date published : 2023-11-30

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-espocrm

Similar

Tags: Cybersecurity Alert