CVE-2025-32390 | EspoCRM up to 9.0.7 cross site scripting (GHSA-qrwp-v8v3-hqp2)

A vulnerability, which was classified as problematic, was found in EspoCRM up to 9.0.7. This affects an unknown part. The manipulation leads to basic cross site scripting.

This vulnerability is uniquely identified as CVE-2025-32390. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More