Welcome to Vtiger Community. To gain access for account, please contact [ info @ vtiger.com ]

Closed
Issue #93 · created by Manu ·


XSS vulnerability within the CRM

As authenticated user you will be able to create an organization with the name: <img src=x onerror="alert('XSS');" After saving the new organization every user who accesses the organizations tab and has the "Recently Modified" widget open (default) will run the malicious code.


3 participants