A stored cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3, allows remote malicious users to inject arbitrary web script or HTML via input fields. These input fields are located in the "Title" Input Field in EventEditor.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
churchcrm churchcrm 4.5.3 |