This is a detailed technical writeup describing a persistent XSS vulnerability in VTiger CRM v7.0, specifically in the 'To' field of the email compose module. It includes proof-of-concept steps, vulnerable parameters, and HTTP request logs demonstrating the exploit.
Classification
Writeup 95%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:VTiger CRM v7.0
Auth required
Prerequisites:Valid user account with access to the email compose module