CVE-2025-10343 | Perfex CRM 3.2.1 POST Request /expenses/expense expense_name cross site scripting

A vulnerability classified as problematic has been found in Perfex CRM 3.2.1. Affected by this vulnerability is an unknown functionality of the file /expenses/expense of the component POST Request Handler. This manipulation of the argument expense_name causes cross site scripting.

This vulnerability is tracked as CVE-2025-10343. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More