Lucene search
MitreCVE-2024-44777HistoryAug 29, 2024 - 6:15 p.m.
CVE-2024-44777
2024-08-2918:15:14
CWE-79
mitre
web.nvd.nist.gov
25
vtiger crm 7.4.0
xss
tag parameter
reflected
arbitrary code
browser
injection
CVSS3
9.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
6
Confidence
High
EPSS
0.002
Percentile
53.2%
A reflected cross-site scripting (XSS) vulnerability in the tag parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user’s browser via injecting a crafted payload.
Affected configurations
Node
vtigervtiger_crmMatch7.4.0-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| vtiger | vtiger_crm | 7.4.0 | cpe:2.3:a:vtiger:vtiger_crm:7.4.0:-:*:*:*:*:*:* |
Related
vulnrichment
vulnrichment
CVE-2024-44777
2024-08-29 00:00:00
nvd
nvd
CVE-2024-44777
2024-08-29 18:15:14
cvelist
cvelist
CVE-2024-44777
2024-08-29 00:00:00
packetstorm
packetstorm
vTiger CRM 7.4.0 Cross Site Scripting
2024-08-29 00:00:00
zdt
zdt
vTiger CRM 7.4.0 Cross Site Scripting / Open Redirection Vulnerabilities
2024-08-29 00:00:00
CVSS3
9.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
6
Confidence
High
EPSS
0.002
Percentile
53.2%
Related for CVE-2024-44777