Cross site scripting

Cross-site scripting XSS vulnerability in vTiger CRM 5.4.0 allows remote attackers to inject arbitrary web script or HTML via the 1 returnurl parameter to modules\comvtigerworkflow\savetemplate.php, or unspecified vectors to 2 deletetask.php, 3 edittask.php, 4 savetask.php, or 5 saveworkflow.php...

Vtiger 5.4.0 Cross Site Scripting

SOJOBO-ADV-13-05 - Vtiger 5.4.0 Reflected Cross Site Scripting I. Information ================== Name : Vtiger 5.4.0 Reflected Cross Site Scripting Software : Vtiger 5.4.0 and possibly below. Vendor Homepage : https://www.vtiger.com/ Vulnerability Type : Reflected Cross-Site Scripting Severity :...