CVE-2026-33733 | EspoCRM up to 9.3.3 Admin Template Management Endpoint name/scope path traversal

A vulnerability marked as problematic has been reported in EspoCRM up to 9.3.3. This issue affects some unknown processing of the component Admin Template Management Endpoint. Performing a manipulation of the argument name/scope results in relative path traversal.

This vulnerability is known as CVE-2026-33733. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More