Browse all 5 CVE security advisories affecting alexacrm. AI-powered Chinese analysis, POCs, and references for each vulnerability.
AlexaCRM serves as a customer relationship management platform designed to streamline sales, marketing, and customer service operations. Historically, the system has been susceptible to multiple vulnerability classes, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation, with five CVEs documented to date. Security researchers have identified authentication bypass flaws and insufficient input validation as recurring issues. While no major public security incidents have been widely reported, the accumulation of CVEs indicates persistent security challenges that require ongoing attention from administrators implementing the platform.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-7695 | Dataverse Integration 2.77 - 2.81 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via reset_password_link REST Route — Dataverse IntegrationCWE-862 | 8.8 | High | 2025-07-24 |
This page lists every published CVE security advisory associated with alexacrm. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.