CVE-2025-32385— EspoCRM allows unrestricted Embedding in Iframe dashlet
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-32385
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
EspoCRM allows unrestricted Embedding in Iframe dashlet
Source: NVD (National Vulnerability Database)
Vulnerability Description
EspoCRM is an Open Source Customer Relationship Management software. Prior to 9.0.5, Iframe dashlet allows user to display iframes with arbitrary URLs. As the sandbox attribute is not included in the iframe, the remote page can open popups outside of the iframe, potentially tricking users and creating a phishing risk. The iframe URL is user-defined, so an attacker would need to trick the user into specifying a malicious URL. The missing sandbox attribute also allows the remote page to send messages to the parent frame. However, EspoCRM does not make use of these messages. This vulnerability is fixed in 9.0.5.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
不当限制渲染UI层或帧
Source: NVD (National Vulnerability Database)
Vulnerability Title
EspoCRM 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
EspoCRM是EspoCRM开源的一套开源的基于Web的客户关系管理系统(CRM)。该系统提供销售自动化、社区和客户支持等功能。 EspoCRM 9.0.5之前版本存在安全漏洞,该漏洞源于Iframe dashlet缺少沙箱属性,可能导致钓鱼攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2025-32385
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-32385
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same product: espocrm
- CVE-2026-33733
EspoCRM has Admin TemplateManager path traversal that allows - CVE-2026-33656
EspoCRM vulnerable to authenticated RCE via Formula with pat - CVE-2026-33740
EspoCRM: Email importEml can import and delete another user' - CVE-2026-33659
EspoCRM: SSRF via DNS Rebinding in Attachment fromImageUrl E - CVE-2026-33657
EspoCRM: Stored HTML injection in email notifications about
Same vendor: espocrm
- CVE-2026-33733
EspoCRM has Admin TemplateManager path traversal that allows - CVE-2026-33656
EspoCRM vulnerable to authenticated RCE via Formula with pat - CVE-2026-33740
EspoCRM: Email importEml can import and delete another user' - CVE-2026-33659
EspoCRM: SSRF via DNS Rebinding in Attachment fromImageUrl E - CVE-2026-33657
EspoCRM: Stored HTML injection in email notifications about
Same weakness: CWE-1021
- CVE-2026-3254
Improper Restriction of Rendered UI Layers or Frames in GitL - CVE-2026-2378
Address bar spoofing risk in ArcSearch on Android - CVE-2025-62328
HCL Nomad server on Domino is affected by a missing default - CVE-2025-58405
Lack of protection mechanisms against Clickjacking attacks - CVE-2026-27511
Tenda F3 Clickjacking in Web Management Interface
V. Comments for CVE-2025-32385
No comments yet