CVE-2023-45394 Information

Description

Stored Cross-Site Scripting (XSS) vulnerability in the Company field in the \Request a Quote\ Section of Small CRM v3.0 allows an attacker to store and execute malicious javascript code in the Admin panel which leads to Admin account takeover.

Reference

https://github.com/kartik753/CVE/blob/main/CVE-2023-45394