Browse all 6 CVE security advisories affecting Perfex CRM. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Perfex CRM serves as a customer relationship management platform for businesses handling client interactions and sales processes. Historically, the application has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues, often stemming from insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the six recorded CVEs highlight consistent security concerns in areas such as file handling and authentication mechanisms. The platform's open-source nature allows for community scrutiny but also exposes it to potential exploitation if timely updates aren't applied.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-10346 | HTML injection in Perfex CRM — Perfex CRMCWE-79 | 5.4AI | MediumAI | 2025-09-29 |
| CVE-2025-10345 | HTML injection in Perfex CRM — Perfex CRMCWE-79 | 5.5AI | MediumAI | 2025-09-29 |
| CVE-2025-10344 | HTML injection in Perfex CRM — Perfex CRMCWE-79 | 6.4AI | MediumAI | 2025-09-29 |
| CVE-2025-10343 | HTML injection in Perfex CRM — Perfex CRMCWE-79 | 5.4AI | MediumAI | 2025-09-29 |
| CVE-2025-10342 | HTML injection in Perfex CRM — Perfex CRMCWE-79 | 5.4AI | MediumAI | 2025-09-29 |
| CVE-2025-10341 | HTML injection in Perfex CRM — Perfex CRMCWE-79 | 5.4AI | MediumAI | 2025-09-29 |
This page lists every published CVE security advisory associated with Perfex CRM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.