| Title | SuiteCRM - Cross Site Scripting - Add Dashboard Pages |
|---|
| Description | Security Issue: A Self XSS when combined with CSRF vulnerability leads to cookie stealing a.k.a session hijacking in Dashboard pages functionality.
Versions affected: < 7.8.24, < 7.10.11
Versions Patched: 7.8.24+, 7.10.11+ & 7.11.x
Advisory: https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_11
|
|---|
| Source | ⚠️ https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_11 |
|---|
| User | SalesAgility (UID 2790) |
|---|
| Submission | 04/04/2019 12:21 (7 years ago) |
|---|
| Moderation | 04/04/2019 12:26 (4 minutes later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 132961 [SalesAgility SuiteCRM up to 7.10.10 cross site scripting] |
|---|
| Points | 18 |
|---|