Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

yetiforcecompany — Vulnerabilities & Security Advisories 17

Browse all 17 CVE security advisories affecting yetiforcecompany. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Yetiforcecompany develops CRM and ERP systems focused on business process automation. Historically, their products have been vulnerable to multiple remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, with 17 CVEs documented. Security assessments reveal insufficient input validation, insecure direct object references, and inadequate access controls in their web applications. While no major public security incidents have been reported, the consistent pattern of vulnerabilities suggests ongoing challenges in secure coding practices. Organizations implementing Yetiforce solutions should prioritize timely patching and conduct thorough security reviews to mitigate potential exploitation risks.

Top products by yetiforcecompany: yetiforcecompany/yetiforcecrm
CVE IDTitleCVSSSeverityPublished
CVE-2022-3002 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-79 5.4 -2022-10-06
CVE-2022-3005 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-79 5.4 -2022-09-20
CVE-2022-3004 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-79 5.4 -2022-09-20
CVE-2022-3000 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-79 5.4 -2022-09-20
CVE-2022-2924 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-79 5.4 -2022-09-20
CVE-2022-2829 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-79 5.4 -2022-08-23
CVE-2022-2890 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-79 5.4 -2022-08-22
CVE-2022-1340 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-79 5.4 -2022-08-22
CVE-2022-2885 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-79 5.4 -2022-08-21
CVE-2022-1411 Unrestructed file upload in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-434 7.6 -2022-05-05
CVE-2022-0269 Cross-Site Request Forgery (CSRF) in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-352 8.1 -2022-01-24
CVE-2021-4121 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-79 5.4 -2021-12-16
CVE-2021-4117 Business Logic Errors in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-840 4.3 -2021-12-15
CVE-2021-4116 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-79 5.4 -2021-12-15
CVE-2021-4111 Business Logic Errors in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-840 4.3 -2021-12-15
CVE-2021-4107 Cross-site Scripting (XSS) - Reflected in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-79 5.4 -2021-12-14
CVE-2021-4092 Cross-Site Request Forgery (CSRF) in yetiforcecompany/yetiforcecrm — yetiforcecompany/yetiforcecrmCWE-352 4.3 -2021-12-11

This page lists every published CVE security advisory associated with yetiforcecompany. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.