Welcome to Vtiger Community. To gain access for account, please contact [ community @ vtiger.com ]

Issue #93 · created by Manu ·

XSS vulnerability within the CRM

As authenticated user you will be able to create an organization with the name: <img src=x onerror="alert('XSS');" After saving the new organization every user who accesses the organizations tab and has the "Recently Modified" widget open (default) will run the malicious code.

3 participants