XRMS: An open source web enabled LAMP based CRM. Vulnerability: Confirmation messages upon updates in XRMS are clear text passed across in the URL. Simple test of injection of a script resulted in exposing cross site scripting vulnerability.