Submit #54: SuiteCRM - Cross Site Scripting - Add Dashboard Pagesinfo

TitelSuiteCRM - Cross Site Scripting - Add Dashboard Pages
BeschreibungSecurity Issue: A Self XSS when combined with CSRF vulnerability leads to cookie stealing a.k.a session hijacking in Dashboard pages functionality. Versions affected: < 7.8.24, < 7.10.11 Versions Patched: 7.8.24+, 7.10.11+ & 7.11.x Advisory: https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_11
Quelle⚠️ https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_11
Benutzer
 SalesAgility (UID 2790)
Einreichung04.04.2019 12:21 (vor 7 Jahren)
Moderieren04.04.2019 12:26 (4 minutes later)
StatusAkzeptiert
VulDB Eintrag132961 [SalesAgility SuiteCRM bis 7.10.10 Cross Site Scripting]
Punkte18

ZurückÜbersichtWeiter

Interested in the pricing of exploits?

See the underground prices here!