Security Advisory

CVE-2021-3539

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-04 22:20:47

Last updated 2024-09-16 18:39:36

Assigner rapid7

State PUBLISHED

Description

EspoCRM 6.1.6 and prior suffers from a persistent (type II) cross-site scripting (XSS) vulnerability in processing user-supplied avatar images. This issue was fixed in version 6.1.7 of the product.

← Browse all CVEs View on cve.org ↗