5 matches found
The vulnerability of the index.php?module=users/registration&action=save component of the Rukovoditel customer relationship management system allows a attacker to perform XSS attacks.
The vulnerability of the index.php?module=users/registration&action=save component of the Customer Relationship Management system’s administration interface lies in the lack of protection for the website structure when processing the userphoto parameter. Exploiting this vulnerability allows an...
PT-2024-25920 · Unknown · Rukovoditel
Name of the Vulnerable Software and Affected Versions: Rukovoditel versions prior to 3.5.3 Description: The issue allows for XSS via the user photo parameter to My Page. This can potentially lead to malicious script execution. Recommendations: For versions prior to 3.5.3, update to version 3.5.3 ...
Rukovoditel 跨站脚本漏洞
Rukovoditel is a web-based open source project management software from the Rukovoditel team. The software features project management, customer relationship management, and more. A cross-site scripting vulnerability exists in Rukovoditel versions prior to 3.5.3, which stems from allowing...
Rukovoditel 跨站脚本漏洞
Rukovoditel is a web-based open source project management software from the Rukovoditel team. The software features project management, customer relationship management, and more. A cross-site scripting vulnerability exists in Rukovoditel versions prior to 3.5.3, which stems from allowing...
PT-2024-3329 · Unknown · Rukovoditel
Name of the Vulnerable Software and Affected Versions: Rukovoditel versions prior to 3.5.3 Description: The issue is related to a lack of protection for the web page structure when handling the user photo parameter in the "index.php?module=users/registration&action=save" endpoint. This can allow ...