CVE-2025-10345 | Perfex CRM 3.2.1 POST Request admin/leads/lead name/address cross site scripting

A vulnerability, which was classified as problematic, has been found in Perfex CRM 3.2.1. This affects an unknown part of the file admin/leads/lead of the component POST Request Handler. Performing manipulation of the argument name/address results in cross site scripting.

This vulnerability is cataloged as CVE-2025-10345. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More