OroCRM Forums

Covering OroCRM topics, including community updates and company announcements.

Forums Forums OroCRM OroCRM – Security Stored XSS in email field of leads

This topic contains 3 replies, has 2 voices, and was last updated by  Ivan Klymenko 9 years, 6 months ago.

Starting from March 1, 2020 the forum has been switched to the read-only mode. Please head to StackOverflow for support.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Author
    Replies
  • #27960

    Ivan Klymenko
    Spectator

    Hello. Yes, it was fixed in 1.3.2 CE and 1.5.1 EE

    #27961

    Spurgeon
    Participant

    Hi Ivan, Greetings! Thanks for the update! Is the demo at demo.orocrm.com updated, coz it was vulnerable when checked yesterday.

    #27962

    Ivan Klymenko
    Spectator

    Hi spurgeonbj, thanks for this catch. demo.orocrm.com was not updated yet. We are going to update it to the latest version soon.

Viewing 3 replies - 1 through 3 (of 3 total)

The forum ‘OroCRM – Security’ is closed to new topics and replies.

Back to top