First published: Fri Sep 18 2009(Updated: )
Cross-site scripting (XSS) vulnerability in the Activities module in vtiger CRM 5.0.4 allows remote attackers to inject arbitrary web script or HTML via the action parameter to phprint.php. NOTE: the query_string vector is already covered by CVE-2008-3101.3.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Vtiger Vtiger Crm | =5.0.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.