Stored XSS vulnerability via IMG element at "Leadname" of CRM in Tine 2.0 Community Edition prior to 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tine20 tine 2.0 |