Описание
Multiple cross-site scripting (XSS) vulnerabilities in the customer portal in vtiger CRM before 5.2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.1.0 (включая)
Одно из
cpe:2.3:a:vtiger:vtiger_crm:*:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:1.0:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:2.0:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:2.1:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:3:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:3.0:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:3.0:beta:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:3.2:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:4:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:4:beta:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:4:beta:*:it:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:4:rc1:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:4.0:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:4.2:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:4.2:*:validation:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:4.2:patch1:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:4.2.4:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:5.0.4:rc:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:5.1.0:rc:*:*:*:*:*:*
cpe:2.3:a:vtiger:vtiger_crm:5.2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00263
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Multiple cross-site scripting (XSS) vulnerabilities in the customer portal in vtiger CRM before 5.2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
EPSS
Процентиль: 49%
0.00263
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79