CVE-2023-1060

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YKM YKM CRM allows Reflected XSS. This issue affects YKM CRM: before 23.03.30.

medium 6.1 CVSS 3.1

Published: Mar 31, 2023

Modified: Jun 1, 2026

Product: Ykm Crm

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YKM YKM CRM allows Reflected XSS.

This issue affects YKM CRM: before 23.03.30.

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Vendor	Ykmbilisim
Product	Ykm Crm