CVE-2021-4195

Summary

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firmanet Software and Technology Customer Relation Manager allows XSS Targeting HTML Attributes.

This issue affects Customer Relation Manager: before 2022.03.13.

Affected Software

VendorProductVersion RangeStatus
Firmanet Software and TechnologyCustomer Relation Manager0 < 2022.03.13affected

Weaknesses

  • CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References