Published: 20/01/2021 Updated: 22/01/2021
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

Vtiger CRM v7.2.0 allows an malicious user to display hidden files, list directories by using /libraries and /layout directories.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

vtiger vtiger crm 7.2.0

Github Repositories

Vtiger CRM v7.2.0 has Cross-Site Scripting (XSS) and directory listing vulnerabilities.

Vtiger-CRM-Vulnerabilities Vtiger CRM v720 has Cross-Site Scripting (XSS) and directory listing vulnerabilities CVE-2020-19362 - CVE-2020-19363 cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2020-19362 cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2020-19363 Vtiger CRM Reflected XSS Vulnerability Reflected XSS in the Vtiger CRM v720 can result in an attacker perfo