exploitDog

GHSA-66jf-c5vq-qxfv

Опубликовано: 10 янв. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Vtiger CRM v.6.1 and before is vulnerable to Cross Site Scripting (XSS) via the Documents module and function uploadAndSaveFile in CRMEntity.php.

Vtiger CRM v.6.1 and before is vulnerable to Cross Site Scripting (XSS) via the Documents module and function uploadAndSaveFile in CRMEntity.php.

Ссылки

EPSS

Процентиль: 9%

0.00031

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-54687

CVSS3: 6.1

nvd

около 1 года назад

Vtiger CRM v.6.1 and before is vulnerable to Cross Site Scripting (XSS) via the Documents module and function uploadAndSaveFile in CRMEntity.php.

EPSS

Процентиль: 9%

0.00031

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79