Unrated severityNVD Advisory· Published Jul 28, 2019· Updated Aug 5, 2024
CVE-2019-14329
CVE-2019-14329
Description
An issue was discovered in EspoCRM before 5.6.6. There is stored XSS due to lack of filtration of user-supplied data in Create Task. A malicious attacker can modify the parameter name to contain JavaScript code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- EspoCRM/EspoCRMdescription
Patches
Vulnerability mechanics
References
3- www.cinquino.eu/EspoCRM.htmmitrex_refsource_MISC
- github.com/espocrm/espocrm/commit/4ab7d19776011288b875abd3eef1e1f6f75289e2mitrex_refsource_MISC
- github.com/espocrm/espocrm/compare/5.6.5...5.6.6mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.