Vtiger CRM v.6.1 and before is vulnerable to Cross Site Scripting (XSS) via the Documents module and function uploadAndSaveFile in CRMEntity.php.
Metrics
Affected Vendors & Products
References
History
Fri, 10 Jan 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Vtiger CRM v.6.1 and before is vulnerable to Cross Site Scripting (XSS) via the Documents module and function uploadAndSaveFile in CRMEntity.php. | |
References |
|
![cve-icon](/static/img/cve-icon.png)
Status: PUBLISHED
Assigner: mitre
Published: 2025-01-10T00:00:00
Updated: 2025-01-10T18:12:14.324958
Reserved: 2024-12-06T00:00:00
Link: CVE-2024-54687
![cve-icon](/static/img/cisa-icon.png)
No data.
![cve-icon](/static/img/nvd-icon.png)
Status : Received
Published: 2025-01-10T18:15:22.630
Modified: 2025-01-10T18:15:22.630
Link: CVE-2024-54687
![cve-icon](/static/img/redhat-icon.png)
No data.