Description

A HTML injection vulnerability exists in Perfex CRM v3.3.1. The application fails to sanitize user input in the "Bill To" address field within the estimate module. As a result, arbitrary HTML can be injected and rendered unescaped in client-facing documents.

INFO

Published Date :

2025-10-10T00:00:00.000Z

Last Modified :

2025-10-10T19:56:00.613Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-55903 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-55903.

URL Resource
https://codecanyon.net/item/perfex-powerful-open-source-crm/14013737 cve-icon cve-icon
https://github.com/ajansha/CVE-2025-55903 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System