📦 Civicrm

by Civicrm

🔍 What is Civicrm?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2020-36388

HIGH CVSS 8.8 Jun 17, 2021

This vulnerability allows authenticated users to upload and execute malicious PHAR archives in CiviCRM, potentially leading to remote code execution. It affects CiviCRM installations before version 5....

CVE-2025-65187

MEDIUM CVSS 6.1 Dec 2, 2025

A stored cross-site scripting (XSS) vulnerability in CiviCRM allows authenticated users to inject malicious JavaScript into the Accounting Batches field. This script executes whenever the vulnerable p...