Vulnerabilities > Vtiger > Vtiger CRM > 7.4.0

DATE CVE VULNERABILITY TITLE RISK
2024-08-29 CVE-2024-44776 Open Redirect vulnerability in Vtiger CRM 7.4.0
An Open Redirect vulnerability in the page parameter of vTiger CRM v7.4.0 allows attackers to redirect users to a malicious site via a crafted URL.
network
low complexity
vtiger CWE-601
6.1
6.1
2024-08-29 CVE-2024-44777 Cross-site Scripting vulnerability in Vtiger CRM 7.4.0
A reflected cross-site scripting (XSS) vulnerability in the tag parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
network
low complexity
vtiger CWE-79
critical
 9.6
9.6
2024-08-29 CVE-2024-44778 Cross-site Scripting vulnerability in Vtiger CRM 7.4.0
A reflected cross-site scripting (XSS) vulnerability in the parent parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
network
low complexity
vtiger CWE-79
critical
 9.6
9.6
2024-08-29 CVE-2024-44779 Cross-site Scripting vulnerability in Vtiger CRM 7.4.0
A reflected cross-site scripting (XSS) vulnerability in the viewname parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
network
low complexity
vtiger CWE-79
critical
 9.6
9.6
2022-09-27 CVE-2022-38335 Cross-site Scripting vulnerability in Vtiger CRM
Vtiger CRM v7.4.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the e-mail template modules.
network
low complexity
vtiger CWE-79
5.4
5.4