<<< Date Index >>>     <<< Thread Index >>>

XSS on XRMS- open source CRM



XRMS: An open source web enabled LAMP based CRM.
Vulnerability: Confirmation messages upon updates in XRMS are clear text passed 
across in the URL. Simple test of injection of a script resulted in exposing 
cross site scripting vulnerability.