Unrated severityNVD Advisory· Published Feb 3, 2026· Updated Apr 7, 2026
EspoCRM 5.8.5 - Privilege Escalation
CVE-2020-37094
Description
EspoCRM 5.8.5 contains an authentication vulnerability that allows attackers to access other user accounts by manipulating authorization headers. Attackers can decode and modify Basic Authorization and Espo-Authorization tokens to gain unauthorized access to administrative user information and privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/48376mitreexploit
- www.vulncheck.com/advisories/espocrm-privilege-escalationmitrethird-party-advisory
- www.espocrm.commitreproduct
News mentions
0No linked articles in our index yet.