vtiger CRM 5.4.0 and previous versions contain an Authentication Bypass Vulnerability due to improper authentication validation in the validateSession function.
vtiger vtiger crm