YetiForce CRM versions 6.4.0 and prior are vulnerable to cross-site scripting via the SlaPolicy
module. A patch is available at commit e55886781509fe39951fc7528347696474a17884.
{ "nvd_published_at": "2022-09-20T11:15:00Z", "github_reviewed_at": "2022-09-21T21:22:01Z", "severity": "MODERATE", "github_reviewed": true, "cwe_ids": [ "CWE-79" ] }