← voltar
CVE-2018-20816

CVE-2018-20816

EPSS 0.6%
An XSS combined with CSRF vulnerability discovered in SalesAgility SuiteCRM 7.x before 7.8.24 and 7.10.x before 7.10.11 leads to cookie stealing, aka session hijacking. This issue affects the "add dashboard pages" feature where users can receive a malicious attack through a phished URL, with script executed.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_11https://docs.suitecrm.com/admin/releases/7.8.x/#_7_8_24https://github.com/salesagility/SuiteDocs/pull/198/files