A vulnerability described as problematic has been identified in EspoCRM up to 9.3.3 . Affected is an unknown function of the component SVG File Handler . Executing a manipulation can lead to cross site scripting. This vulnerability is handled as CVE-2026-33741 . The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is recommended.