Stored Cross-Site Scripting (XSS) Vulnerability in Request a Quote Section of Small CRM v3.0 Allows Admin Account Takeover
CVE-2023-45394 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Stored Cross-Site Scripting (XSS) vulnerability in the Company field in the "Request a Quote" Section of Small CRM v3.0 allows an attacker to store and execute malicious javascript code in the Admin panel which leads to Admin account takeover.
Learn more about our Crm Penetration Testing.