Cross Site Scripting (XSS) in X2Engine X2CRM v7.1 allows remote malicious users to obtain sensitive information by injecting arbitrary web script or HTML via the "Comment" field in "/profile/activity" page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|