[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

XSS on XRMS- open source CRM

XRMS: An open source web enabled LAMP based CRM.
Vulnerability: Confirmation messages upon updates in XRMS are clear text passed across in the URL. Simple test of injection of a script resulted in exposing cross site scripting vulnerability.