Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

EspoCRM Broken Access Control: Low-Privilege User Can Persistently Modify Note Status Without Edit Rights

github.com 2026-05-29English translation pending; showing Chinese查看中文 →
Security AdvisoryHighEspoCRM
Affected:
  • EspoCRM <= 9.3.4
Fixed in:
  • EspoCRM 9.3.5
Referenced CVEs: CVE-2026-41160 · 4.3
文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive
This content was auto-fetched from github.com, cleaned by our LLM pipeline, and translated to English. View original.
More from this source
mermaid Gantt infinite loop DoS fix in fixGanttDates 2026-05-30 TRENDnet TEW-432BRP Stack Overflow RCE Vulnerability 2026-05-30 mermaid Gantt Chart Denial of Service via Infinite Loop in fixGantt 2026-05-30 CVE-2024-42159: Mermaid Improper Configuration Sanitization Leading to CSS Injection 2026-05-30 Unauthenticated RCE via Pickle Deserialization in manga-image-translator Shared API 2026-05-30
Offline Archive

Offline screenshot & PDF are Pro-exclusive

Upgrade to Pro