📦 Perfex Crm

This CVE describes a stored HTML injection vulnerability in Perfex CRM v3.2.1 where attackers can inject malicious HTML/JavaScript into the 'name' and 'address' fields when creating leads. This allows...

This CVE describes a stored HTML injection vulnerability in Perfex CRM v3.2.1 that allows attackers to inject malicious HTML content into knowledge base articles. The vulnerability affects all users o...

A stored HTML injection vulnerability in Perfex CRM v3.2.1 allows attackers to inject malicious HTML content via the 'name' parameter in POST requests to the '/subscriptions/create' endpoint. This aff...

This CVE describes a stored HTML injection vulnerability in Perfex CRM v3.2.1 where attackers can inject malicious HTML via the 'expense_name' parameter in POST requests to the '/expenses/expense' end...

Perfex CRM v3.2.1 has a stored HTML injection vulnerability that allows attackers to inject malicious HTML content into the application. This affects all users of Perfex CRM v3.2.1 who have access to ...