Vulnerabilities > Vtiger > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-14 | CVE-2024-48119 | Cross-site Scripting vulnerability in Vtiger CRM 8.2.0 Vtiger CRM v8.2.0 has a HTML Injection vulnerability in the module parameter. | 5.4 |
| 2024-08-29 | CVE-2024-44776 | Open Redirect vulnerability in Vtiger CRM 7.4.0 An Open Redirect vulnerability in the page parameter of vTiger CRM v7.4.0 allows attackers to redirect users to a malicious site via a crafted URL. | 6.1 |
| 2022-09-27 | CVE-2022-38335 | Cross-site Scripting vulnerability in Vtiger CRM Vtiger CRM v7.4.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the e-mail template modules. | 5.4 |
| 2021-01-20 | CVE-2020-19363 | Information Exposure vulnerability in Vtiger CRM 7.2.0 Vtiger CRM v7.2.0 allows an attacker to display hidden files, list directories by using /libraries and /layout directories. | 6.5 |
| 2021-01-20 | CVE-2020-19362 | Cross-site Scripting vulnerability in Vtiger CRM 7.2.0 Reflected XSS in Vtiger CRM v7.2.0 in vtigercrm/index.php? through the view parameter can result in an attacker performing malicious actions to users who open a maliciously crafted link or third-party web page. | 6.1 |
| 2019-06-06 | CVE-2018-8047 | Cross-site Scripting vulnerability in Vtiger CRM vtiger CRM 7.0.1 is affected by one reflected Cross-Site Scripting (XSS) vulnerability affecting version 7.0.1 and probably prior versions. | 6.1 |