Vtiger CRM 'vtigerservice.php' Cross Site Scripting Vulnerability Network Vulnerability

Summary

vtiger CRM is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. vtiger CRM 5.2.1 is vulnerable other versions may also be affected.

References

http://www.vtiger.com/
https://www.securityfocus.com/bid/47267

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache Open For Business HTML injection vulnerability
Allaire JRun directory browsing vulnerability
Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability
Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities

vtiger CRM 'vtigerservice.php' Cross Site Scripting Vulnerability

Take action and discover your vulnerabilities