CVE-2020-10227

A cross-site scripting (XSS) vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt