Vtiger CRM v.6.1 and before is vulnerable to Cross Site Scripting (XSS) via the Documents module and function uploadAndSaveFile in CRMEntity.php.
History

Fri, 10 Jan 2025 18:15:00 +0000

Type Values Removed Values Added
Description Vtiger CRM v.6.1 and before is vulnerable to Cross Site Scripting (XSS) via the Documents module and function uploadAndSaveFile in CRMEntity.php.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2025-01-10T00:00:00

Updated: 2025-01-10T18:12:14.324958

Reserved: 2024-12-06T00:00:00

Link: CVE-2024-54687

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2025-01-10T18:15:22.630

Modified: 2025-01-10T18:15:22.630

Link: CVE-2024-54687

cve-icon Redhat

No data.