CVE-2018-20816

An XSS combined with CSRF vulnerability discovered in SalesAgility SuiteCRM 7.x before 7.8.24 and 7.10.x before 7.10.11 leads to cookie stealing, aka session hijacking. This issue affects the "add dashboard pages" feature where users can receive a malicious attack through a phished URL, with script executed.
References
Configurations

Configuration 1

cpe:2.3:a:salesagility:suitecrm:*:*:*:*:*:*:*:*
cpe:2.3:a:salesagility:suitecrm:*:*:*:*:*:*:*:*

Information

Published : 2019-04-05 04:29

Updated : 2021-07-22 03:50


NVD link : CVE-2018-20816

Mitre link : CVE-2018-20816

Products Affected
No products.