VYPR
Unrated severityNVD Advisory· Published Feb 3, 2026· Updated Apr 7, 2026

EspoCRM 5.8.5 - Privilege Escalation

CVE-2020-37094

Description

EspoCRM 5.8.5 contains an authentication vulnerability that allows attackers to access other user accounts by manipulating authorization headers. Attackers can decode and modify Basic Authorization and Espo-Authorization tokens to gain unauthorized access to administrative user information and privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Espocrm/Espocrmllm-fuzzy2 versions
    =5.8.5+ 1 more
    • (no CPE)range: =5.8.5
    • (no CPE)range: 5.8.5

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.