Security Advisory

CVE-2025-10343

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-29 08:39:02

Last updated 2025-09-29 11:39:39

Assigner INCIBE

State PUBLISHED

Description

HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter expense_name at the endpoint /expenses/expense.

← Browse all CVEs View on cve.org ↗