COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2024-44778

CVE-2024-44778

Severity
critical
Source
NVD · cve
Published
2024-08-29
CVSS
9.6
Reference
https://nvd.nist.gov/vuln/detail/CVE-2024-44778
⚡ RCE shame 50/100 rce

A reflected cross-site scripting (XSS) vulnerability in the parent parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.

Players implicated

vtiger · vendorvtiger crm · product

Description

A reflected cross-site scripting (XSS) vulnerability in the parent parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.