OroCRM Forums

Covering OroCRM topics, including community updates and company announcements.

Forums Forums OroCRM OroCRM – Security Stored XSS in email field of leads

This topic contains 3 replies, has 2 voices, and was last updated by Ivan Klymenko Ivan Klymenko 5 years, 12 months ago.

Starting from March 1, 2020 the forum has been switched to the read-only mode. Please head to StackOverflow for support.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Author
  • #27960

    Hello. Yes, it was fixed in 1.3.2 CE and 1.5.1 EE


    Hi Ivan, Greetings! Thanks for the update! Is the demo at demo.orocrm.com updated, coz it was vulnerable when checked yesterday.


    Hi spurgeonbj, thanks for this catch. demo.orocrm.com was not updated yet. We are going to update it to the latest version soon.

Viewing 3 replies - 1 through 3 (of 3 total)

The forum ‘OroCRM – Security’ is closed to new topics and replies.

You will be redirected to [title]. Would you like to continue?

Yes No