VYPR
← All vendors
Vendor

Yetiforcecompany

Products
1
CVEs
17
Across products
17
Status
Private

Products

1

Recent CVEs

17
  • CVE-2022-3002Oct 6, 2022
    risk 0.00cvss epss 0.00

    Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.

  • CVE-2022-3005Sep 20, 2022
    risk 0.00cvss epss 0.00

    Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.

  • CVE-2022-3004Sep 20, 2022
    risk 0.00cvss epss 0.00

    Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.

  • CVE-2022-3000Sep 20, 2022
    risk 0.00cvss epss 0.00

    Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.

  • CVE-2022-2924Sep 20, 2022
    risk 0.00cvss epss 0.00

    Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.3.

  • CVE-2022-2829Aug 23, 2022
    risk 0.00cvss epss 0.00

    Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.

  • CVE-2022-2890Aug 22, 2022
    risk 0.00cvss epss 0.00

    Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.

  • CVE-2022-1340Aug 22, 2022
    risk 0.00cvss epss 0.00

    Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.

  • CVE-2022-2885Aug 21, 2022
    risk 0.00cvss epss 0.00

    Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.

  • CVE-2022-1411May 5, 2022
    risk 0.00cvss epss 0.00

    Unrestructed file upload in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. Attacker can send malicious files to the victims is able to retrieve the stored data from the web application without that data being made safe to render in the browser and steals victim's cookie leads to account takeover.

  • CVE-2022-0269Jan 24, 2022
    risk 0.00cvss epss 0.00

    Cross-Site Request Forgery (CSRF) in Packagist yetiforce/yetiforce-crm prior to 6.3.0.

  • CVE-2021-4121Dec 16, 2021
    risk 0.00cvss epss 0.00

    yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  • CVE-2021-4117Dec 15, 2021
    risk 0.00cvss epss 0.00

    yetiforcecrm is vulnerable to Business Logic Errors

  • CVE-2021-4116Dec 15, 2021
    risk 0.00cvss epss 0.00

    yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  • CVE-2021-4111Dec 15, 2021
    risk 0.00cvss epss 0.00

    yetiforcecrm is vulnerable to Business Logic Errors

  • CVE-2021-4107Dec 14, 2021
    risk 0.00cvss epss 0.00

    yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  • CVE-2021-4092Dec 11, 2021
    risk 0.00cvss epss 0.00

    yetiforcecrm is vulnerable to Cross-Site Request Forgery (CSRF)