Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • V vtigercrm
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 531
    • Issues 531
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 33
    • Merge requests 33
  • Deployments
    • Deployments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • Repository
  • Wiki
    • Wiki
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
Collapse sidebar

Welcome to Vtiger Community. To gain access for account, please contact [ community @ vtiger.com ]

  • vtiger
  • vtigercrm
  • Issues
  • #93
Closed
Open
Issue created Feb 02, 2016 by Manu@manu.k

XSS vulnerability within the CRM

As authenticated user you will be able to create an organization with the name: <img src=x onerror="alert('XSS');" After saving the new organization every user who accesses the organizations tab and has the "Recently Modified" widget open (default) will run the malicious code.

Assignee
Assign to
Time tracking

Copyright 2023 Vtiger. All rights reserved.