fat_free_crm vulnerabilities

An open source, Ruby on Rails customer relationship management platform

Latest version: 0.18.1

Licenses detected

  • license: Unknown < 0.12.0, >= 0.11.0
  • license: MIT >= 0.12.0
Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the fat_free_crm package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable versions Snyk patch Published
  • H
Cross-site Scripting (XSS)
<0.18.1 Not available 20 Aug, 2019
  • M
Cross-site Scripting (XSS)
<0.14.2,>=0.15.0, <0.15.2,>=0.16.0, <0.16.4,>=0.17.0, <0.17.3,>=0.18.0, <0.18.1 Not available 06 Jul, 2019
  • M
Cross-site Request Forgery (CSRF)
< 0.13.6 Not available 15 Feb, 2015
  • M
Cross-site Scripting (XSS)
>0.11.0, <0.13.3 Not available 21 Aug, 2014
  • M
Information Exposure
< 0.12.1 Not available 23 Dec, 2013
  • M
Cross-site Request Forgery (CSRF)
< 0.12.1 Not available 23 Dec, 2013
  • M
Arbitrary Code Execution
< 0.12.1 Not available 23 Dec, 2013
  • M
SQL Injection
< 0.12.1 Not available 23 Dec, 2013
  • M
Information Exposure
< 0.12.1 Not available 23 Dec, 2013