CVE-2026-33741 | EspoCRM up to 9.3.3 SVG File cross site scripting (GHSA-5wh5-ccv2-m3pv)

A vulnerability described as problematic has been identified in EspoCRM up to 9.3.3. Affected is an unknown function of the component SVG File Handler. Executing a manipulation can lead to cross site scripting.

This vulnerability is handled as CVE-2026-33741. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More