mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-31 10:40:54 +00:00
824 B
824 B
CVE-2022-22112
&color=brighgreen)
Description
In DayByDay CRM, versions 1.1 through 2.2.1 (latest) suffer from an application-wide Client-Side Template Injection (CSTI). A low privileged attacker can input template injection payloads in the application at various locations to execute JavaScript on the client browser.
POC
Reference
Github
No PoCs found on GitHub currently.