Vtiger: community verdicts
4 notable / known-exploited Vtiger CVEs the community has triaged.
- CVE-2024-44779CRIT 9.6Real · low riskEPSS 1%
A reflected cross-site scripting (XSS) vulnerability in the viewname parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
- CVE-2024-44778CRIT 9.6Real · low riskEPSS 1%
A reflected cross-site scripting (XSS) vulnerability in the parent parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
- CVE-2024-44777CRIT 9.6Real · low riskEPSS 1%
A reflected cross-site scripting (XSS) vulnerability in the tag parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
- CVE-2024-44776MED 6.1EPSS 0%
An Open Redirect vulnerability in the page parameter of vTiger CRM v7.4.0 allows attackers to redirect users to a malicious site via a crafted URL.