VYPR

Packagist (Composer) package

oro/crm

pkg:composer/oro/crm

Vulnerabilities (1)

  • CVE-2021-39198MedNov 19, 2021
    affected >= 3.1.0, < 4.1.17fixed 4.1.17

    OroCRM is an open source Client Relationship Management (CRM) application. Affected versions we found to suffer from a vulnerability which could an attacker is able to disqualify any Lead with a Cross-Site Request Forgery (CSRF) attack. There are no workarounds that address this