1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation.Referenceshttps://github.com/cccaaasser/1CRM-CVE/blob/master/CVE-2019-14221.mdhttps://www.exploit-db.com/exploits/47206
