Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hi agian
Description : XSS in module name will prompt in all other pages of X2CRM CE V6.9
Sample Pic:
Payload to use : "><img src=x onerror=prompt('@darknetguy');>
Tested on Windows 10 Firefox | Google Chrome // Cent-OS 7 Firefox | Chromium
BR,
Milad Fadavvi
The text was updated successfully, but these errors were encountered:
Thank you for the info Milad. We will have this fixed in our next release. I will keep this issue open until we have confirmed that the XSS has been removed.
Sorry, something went wrong.
w4tson442
No branches or pull requests
Hi agian
Description :
XSS in module name will prompt in all other pages of X2CRM CE V6.9
Sample Pic:

Payload to use : "><img src=x onerror=prompt('@darknetguy');>
Tested on Windows 10 Firefox | Google Chrome // Cent-OS 7 Firefox | Chromium
BR,
Milad Fadavvi
The text was updated successfully, but these errors were encountered: