[MEDIUM] YetiForce CRM vulnerable to stored Cross-site Scripting via WorkFlow module

PKSA-m1h2-47p3-39p2 CVE-2022-3004 GHSA-qwc8-vjh3-gm2j

Affected package: yetiforce/yetiforce-crm

Affected version: <=6.4.0

Reported by:
GitHub