CNNVD-202510-1414 Information

CNNVD ID

CNNVD-202510-1414

Related CVE

CVE-2025-55903

• CNNVD Published: 2025-10-10

Description (Chinese)

Perfex CRM是Perfex CRM开源的一款客户关系管理软件。用于在云中管理客户、项目和创建发票。 Perfex CRM 3.3.1版本存在安全漏洞，该漏洞源于未清理用户输入，可能导致HTML注入攻击。

Description (English)

Perfex CRM is a client relationship management software for Perfex CRM. To manage clients, projects and create invoices in the clouds. Perfex CRM 3.3.1 has a security loophole, which originates from uncleaned user input and could lead to an HTML injection attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Perfex CRM

Published

2025-10-10

Last Modified

2026-02-24

References

https://codecanyon.net/item/perfex-powerful-open-source-crm/14013737 https://github.com/ajansha/CVE-2025-55903 https://access.redhat.com/security/cve/cve-2025-55903

Patch

https://help.perfexcrm.com/category/changelog/