Описание
A reflected cross-site scripting (XSS) vulnerability in the viewname parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
Ссылки
- Product
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:vtiger:vtiger_crm:7.4.0:-:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01661
Низкий
9.6 Critical
CVSS3
7.4 High
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 7.4
github
больше 1 года назад
A reflected cross-site scripting (XSS) vulnerability in the viewname parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
EPSS
Процентиль: 82%
0.01661
Низкий
9.6 Critical
CVSS3
7.4 High
CVSS3
Дефекты
CWE-79
CWE-79