Filtered by vendor 1crm
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-15958 | 1 1crm | 1 1crm | 2021-07-21 | 5.0 MEDIUM | 8.6 HIGH |
An issue was discovered in 1CRM System through 8.6.7. An insecure direct object reference to internally stored files allows a remote attacker to access various sensitive information via an unauthenticated request with a predictable URL. | |||||
CVE-2019-14221 | 1 1crm | 1 1crm On-premise | 2019-08-27 | 3.5 LOW | 5.4 MEDIUM |
1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation. |