An XSS combined with CSRF vulnerability discovered in SalesAgility SuiteCRM 7.x prior to 7.8.24 and 7.10.x prior to 7.10.11 leads to cookie stealing, aka session hijacking. This issue affects the "add dashboard pages" feature where users can receive a malicious attack through a phished URL, with script executed.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
salesagility suitecrm |