VYPR
Unrated severityNVD Advisory· Published Apr 14, 2025· Updated Apr 14, 2025

Webkul Krayin CRM SVG File edit cross site scripting

CVE-2025-3568

Description

A vulnerability has been found in Webkul Krayin CRM up to 2.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/settings/users/edit/ of the component SVG File Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor prepares a fix for the next major release and explains that he does not think therefore that this should qualify for a CVE.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Webkul/Krayin CRMllm-fuzzy2 versions
    <=2.1.0+ 1 more
    • (no CPE)range: <=2.1.0
    • (no CPE)range: 2.0

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.