Filtered by vendor Oroinc
Subscriptions
Filtered by product Client Relationship Management
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-32063 | 1 Oroinc | 1 Client Relationship Management | 2024-11-21 | 5 Medium |
| OroCalendarBundle enables a Calendar feature and related functionality in Oro applications. Back-office users can access information from any call event, bypassing ACL security restrictions due to insufficient security checks. This issue has been patched in version 5.0.4 and 5.1.1. | ||||
| CVE-2021-39198 | 1 Oroinc | 1 Client Relationship Management | 2024-11-21 | 4.2 Medium |
| OroCRM is an open source Client Relationship Management (CRM) application. Affected versions we found to suffer from a vulnerability which could an attacker is able to disqualify any Lead with a Cross-Site Request Forgery (CSRF) attack. There are no workarounds that address this vulnerability and all users are advised to update their package. | ||||
Page 1 of 1.