CVE-2024-24818 - Vulnerability Details - OpenCVE

EspoCRM is an Open Source Customer Relationship Management software. An attacker can inject arbitrary IP or domain in "Password Change" page and redirect victim to malicious page that could lead to credential stealing or another attack. This vulnerability is fixed in 8.1.2.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00127.

Key SSVC decision points have not yet been added.

Vendors	Products
Espocrm Subscribe	Espocrm Subscribe

Configuration 1 [-]

cpe:2.3:a:espocrm:espocrm:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2024-22188	EspoCRM is an Open Source Customer Relationship Management software. An attacker can inject arbitrary IP or domain in "Password Change" page and redirect victim to malicious page that could lead to credential stealing or another attack. This vulnerability is fixed in 8.1.2.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/espocrm/espocrm/commit/3babdfa3399e328fb1bd83a1b4ed03d509f4c8e7
https://github.com/espocrm/espocrm/security/advisories/GHSA-8gv6-8r33-fm7j

History

Fri, 27 Jun 2025 15:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Espocrm Espocrm espocrm
Weaknesses		CWE-601
CPEs		cpe:2.3:a:espocrm:espocrm::::::::
Vendors & Products		Espocrm Espocrm espocrm

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-02-29T15:17:16.859Z

Updated: 2024-08-05T17:15:03.682Z

Reserved: 2024-01-31T16:28:17.942Z

Link: CVE-2024-24818

Vulnrichment

Updated: 2024-08-01T23:28:12.614Z

NVD

Status : Analyzed

Published: 2024-03-21T02:52:12.073

Modified: 2025-06-27T14:35:32.800

Link: CVE-2024-24818

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-24818", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-01-31T16:28:17.942Z", "datePublished": "2024-02-29T15:17:16.859Z", "dateUpdated": "2024-08-05T17:15:03.682Z"}, "containers": {"cna": {"title": "EspoCRM weakness in \"Forgot password\"", "problemTypes": [{"descriptions": [{"cweId": "CWE-610", "lang": "en", "description": "CWE-610: Externally Controlled Reference to a Resource in Another Sphere", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/espocrm/espocrm/security/advisories/GHSA-8gv6-8r33-fm7j", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/espocrm/espocrm/security/advisories/GHSA-8gv6-8r33-fm7j"}, {"name": "https://github.com/espocrm/espocrm/commit/3babdfa3399e328fb1bd83a1b4ed03d509f4c8e7", "tags": ["x_refsource_MISC"], "url": "https://github.com/espocrm/espocrm/commit/3babdfa3399e328fb1bd83a1b4ed03d509f4c8e7"}], "affected": [{"vendor": "espocrm", "product": "espocrm", "versions": [{"version": "< 8.1.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-02-29T15:17:16.859Z"}, "descriptions": [{"lang": "en", "value": "EspoCRM is an Open Source Customer Relationship Management software. An attacker can inject arbitrary IP or domain in \"Password Change\" page and redirect victim to malicious page that could lead to credential stealing or another attack. This vulnerability is fixed in 8.1.2."}], "source": {"advisory": "GHSA-8gv6-8r33-fm7j", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:28:12.614Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/espocrm/espocrm/security/advisories/GHSA-8gv6-8r33-fm7j", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/espocrm/espocrm/security/advisories/GHSA-8gv6-8r33-fm7j"}, {"name": "https://github.com/espocrm/espocrm/commit/3babdfa3399e328fb1bd83a1b4ed03d509f4c8e7", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/espocrm/espocrm/commit/3babdfa3399e328fb1bd83a1b4ed03d509f4c8e7"}]}, {"affected": [{"vendor": "espocrm", "product": "espocrm", "cpes": ["cpe:2.3:a:espocrm:espocrm:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "8.1.2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-05T17:13:07.854434Z", "id": "CVE-2024-24818", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-05T17:15:03.682Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/espocrm/espocrm/security/advisories/GHSA-8gv6-8r33-fm7j", "name": "https://github.com/espocrm/espocrm/security/advisories/GHSA-8gv6-8r33-fm7j", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/espocrm/espocrm/commit/3babdfa3399e328fb1bd83a1b4ed03d509f4c8e7", "name": "https://github.com/espocrm/espocrm/commit/3babdfa3399e328fb1bd83a1b4ed03d509f4c8e7", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:28:12.614Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-24818", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-05T17:13:07.854434Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:espocrm:espocrm:-:*:*:*:*:*:*:*"], "vendor": "espocrm", "product": "espocrm", "versions": [{"status": "affected", "version": "0", "lessThan": "8.1.2", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-05T17:14:55.382Z"}}], "cna": {"title": "EspoCRM weakness in \"Forgot password\"", "source": {"advisory": "GHSA-8gv6-8r33-fm7j", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "espocrm", "product": "espocrm", "versions": [{"status": "affected", "version": "< 8.1.2"}]}], "references": [{"url": "https://github.com/espocrm/espocrm/security/advisories/GHSA-8gv6-8r33-fm7j", "name": "https://github.com/espocrm/espocrm/security/advisories/GHSA-8gv6-8r33-fm7j", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/espocrm/espocrm/commit/3babdfa3399e328fb1bd83a1b4ed03d509f4c8e7", "name": "https://github.com/espocrm/espocrm/commit/3babdfa3399e328fb1bd83a1b4ed03d509f4c8e7", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "EspoCRM is an Open Source Customer Relationship Management software. An attacker can inject arbitrary IP or domain in \"Password Change\" page and redirect victim to malicious page that could lead to credential stealing or another attack. This vulnerability is fixed in 8.1.2."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-610", "description": "CWE-610: Externally Controlled Reference to a Resource in Another Sphere"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-02-29T15:17:16.859Z"}}}, "cveMetadata": {"cveId": "CVE-2024-24818", "state": "PUBLISHED", "dateUpdated": "2024-08-05T17:15:03.682Z", "dateReserved": "2024-01-31T16:28:17.942Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-02-29T15:17:16.859Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:espocrm:espocrm:*:*:*:*:*:*:*:*", "matchCriteriaId": "4B720403-FE53-4C66-BA6A-BC535A68FA6B", "versionEndExcluding": "8.1.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "EspoCRM is an Open Source Customer Relationship Management software. An attacker can inject arbitrary IP or domain in \"Password Change\" page and redirect victim to malicious page that could lead to credential stealing or another attack. This vulnerability is fixed in 8.1.2."}, {"lang": "es", "value": "EspoCRM es un software de gesti\u00f3n de relaciones con el cliente de c\u00f3digo abierto. Un atacante puede inyectar una direcci\u00f3n IP o un dominio arbitrario en la p\u00e1gina \"Cambio de contrase\u00f1a\" y redirigir a la v\u00edctima a una p\u00e1gina maliciosa que podr\u00eda provocar el robo de credenciales u otro ataque. Esta vulnerabilidad se soluciona en 8.1.2."}], "id": "CVE-2024-24818", "lastModified": "2025-06-27T14:35:32.800", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 4.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-03-21T02:52:12.073", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/espocrm/espocrm/commit/3babdfa3399e328fb1bd83a1b4ed03d509f4c8e7"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/espocrm/espocrm/security/advisories/GHSA-8gv6-8r33-fm7j"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/espocrm/espocrm/commit/3babdfa3399e328fb1bd83a1b4ed03d509f4c8e7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/espocrm/espocrm/security/advisories/GHSA-8gv6-8r33-fm7j"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-610"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-601"}], "source": "nvd@nist.gov", "type": "Primary"}]}