Posted on

EspoCRM 5.6.4 api/v1/User information disclosure

A vulnerability was found in EspoCRM 5.6.4. It has been classified as problematic. Affected is an unknown function of the file api/v1/User?filterList. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.