# Exploit Title: YetiForce CRM < 3.1 - Persistant XSS Vulnerability
# Exploit Author: David Silveiro
# Exploit Author Github: github.com/davidsilveiro
# Exploit Author Twitter: twitter.com/david_silveiro
# Vendor Homepage: https://yetiforce.com/
# Software Link: http://sourceforge.net/projects/yetiforce/
# Date: Fixed on 20th June 2016
YetiForce CRM was built on a rock-solid Vtiger foundation, but has hundreds of changes that help to accomplish even the most challenging tasks in the simplest way
YetiForce is vulnerable to a stored XSS vulnerability present within a users comment section.
POC:
Within 'Companies & Accounts > Accounts' select your prefered user, and then in the 'Comments' section input;
<img src=x onerror=alert('XSS');>
Either refresh the current page, or navigate back to 'Accounts'
{"id": "EDB-ID:39998", "type": "exploitdb", "bulletinFamily": "exploit", "title": "YetiForce CRM < 3.1 - Persistent XSS", "description": "YetiForce CRM < 3.1 - Persistent XSS. Webapps exploit for php platform", "published": "2016-06-21T00:00:00", "modified": "2016-06-21T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/39998/", "reporter": "David Silveiro", "references": [], "cvelist": [], "lastseen": "2016-06-21T21:13:31", "viewCount": 8, "enchantments": {"score": {"value": -0.6, "vector": "NONE", "modified": "2016-06-21T21:13:31", "rev": 2}, "dependencies": {"references": [], "modified": "2016-06-21T21:13:31", "rev": 2}, "vulnersScore": -0.6}, "sourceHref": "https://www.exploit-db.com/download/39998/", "sourceData": "# Exploit Title: YetiForce CRM < 3.1 - Persistant XSS Vulnerability\r\n# Exploit Author: David Silveiro \r\n# Exploit Author Github: github.com/davidsilveiro\r\n# Exploit Author Twitter: twitter.com/david_silveiro \r\n# Vendor Homepage: https://yetiforce.com/\r\n# Software Link: http://sourceforge.net/projects/yetiforce/\r\n# Date: Fixed on 20th June 2016\r\n\r\nYetiForce CRM was built on a rock-solid Vtiger foundation, but has hundreds of changes that help to accomplish even the most challenging tasks in the simplest way\r\n\r\nYetiForce is vulnerable to a stored XSS vulnerability present within a users comment section.\r\n\r\nPOC:\r\n\r\nWithin 'Companies & Accounts > Accounts' select your prefered user, and then in the 'Comments' section input;\r\n\r\n<img src=x onerror=alert('XSS');>\r\n\r\nEither refresh the current page, or navigate back to 'Accounts'\r\n", "osvdbidlist": [], "immutableFields": []}