CVE-2024-54687 Information

Description

Vtiger CRM v.6.1 and before is vulnerable to Cross Site Scripting (XSS) via the Documents module and function uploadAndSaveFile in CRMEntity.php.

Reference

https://andrea0.medium.com https://andrea0.medium.com/analysis-of-cve-2024-54687-9d82f4c0eaa8