OroCRM Forums

Covering OroCRM topics, including community updates and company announcements.

Forums Forums OroCRM OroCRM – Security Stored XSS in email field of leads

This topic contains 3 replies, has 2 voices, and was last updated by  Ivan Klymenko 8 years, 6 months ago.

Starting from March 1, 2020 the forum has been switched to the read-only mode. Please head to StackOverflow for support.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Author
  • #27960

    Ivan Klymenko

    Hello. Yes, it was fixed in 1.3.2 CE and 1.5.1 EE



    Hi Ivan, Greetings! Thanks for the update! Is the demo at demo.orocrm.com updated, coz it was vulnerable when checked yesterday.


    Ivan Klymenko

    Hi spurgeonbj, thanks for this catch. demo.orocrm.com was not updated yet. We are going to update it to the latest version soon.

Viewing 3 replies - 1 through 3 (of 3 total)

The forum ‘OroCRM – Security’ is closed to new topics and replies.

Back to top