org.opencrx:opencrx-core-models@5.0.0 vulnerabilities
-
latest version
5.3.0
-
latest non vulnerable version
-
first published
4 years ago
-
latest version published
9 months ago
-
licenses detected
- [4.3-alpha-9,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.opencrx:opencrx-core-models package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
org.opencrx:opencrx-core-models is a Part of openCRX CRM platform. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to unsanitized parameters in the password reset functionality. This allows execution of external javascript files on any user of the openCRX instance. How to fix Cross-site Scripting (XSS)? Upgrade |
[4.0.0,5.2.0)
|