[MEDIUM] YetiForce CRM vulnerable to stored Cross-site Scripting via WidgetsManagement module

PKSA-54h1-gdcr-5mcv CVE-2022-2924 GHSA-2qf8-h7pr-x2r8

Affected package: yetiforce/yetiforce-crm

Affected version: <=6.4.0

Reported by:
GitHub