CVE-2024-54687

Description

Vtiger CRM v.6.1 and before is vulnerable to Cross Site Scripting (XSS) via the Documents module and function uploadAndSaveFile in CRMEntity.php.

PUBLISHED Reserved 2024-12-06 | Published 2025-01-10 | Updated 2025-01-13 | Assigner mitre

References

andrea0.medium.com

andrea0.medium.com/analysis-of-cve-2024-54687-9d82f4c0eaa8

cve.org (CVE-2024-54687)

nvd.nist.gov (CVE-2024-54687)

Download JSON