CVE-2019-10226: Injection Vulnerability

June 10, 2019 (updated June 11, 2019)

HTML Injection has been discovered in the Fat Free CRM product via an authenticated request to the /comments URI.

References

packetstormsecurity.com/files/152263/Fat-Free-CRM-0.19.0-HTML-Injection.html
nvd.nist.gov/vuln/detail/CVE-2019-10226

Detect and mitigate CVE-2019-10226 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →