ID
VAR-201402-0420
CVE
CVE-2013-7326
TITLE
vTiger CRM Vulnerable to cross-site scripting
Trust: 0.8
DESCRIPTION
Cross-site scripting (XSS) vulnerability in vTiger CRM 5.4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) return_url parameter to modules\com_vtiger_workflow\savetemplate.php, or unspecified vectors to (2) deletetask.php, (3) edittask.php, (4) savetask.php, or (5) saveworkflow.php. (1) modules\com_vtiger_workflow\savetemplate.php of return_url Parameters (2) deletetask.php Unspecified elements (3) edittask.php Unspecified elements (4) savetask.php Unspecified elements (5) saveworkflow.php Unspecified elements. Vtiger CRM is a set of customer relationship management system (CRM) based on SugarCRM developed by Vtiger in the United States. The management system provides functions such as management, collection, and analysis of customer information. A cross-site scripting vulnerability exists in Vtiger, which stems from programs that do not properly filter input submitted by users. When a user browses an affected website, their browser will execute arbitrary script code provided by the attacker, which may cause the attacker to steal cookie-based authentication and launch other attacks. Vtiger 5.4.0 has vulnerabilities. Other versions may also be affected. [SOJOBO-ADV-13-05] - Vtiger 5.4.0 Reflected Cross Site Scripting I. * Information * ================== Name : Vtiger 5.4.0 Reflected Cross Site Scripting Software : Vtiger 5.4.0 and possibly below. Vendor Homepage : https://www.vtiger.com/ Vulnerability Type : Reflected Cross-Site Scripting Severity : Medium (3/5) Advisory Reference : SOJOBO-ADV-13-05 (http://www.enkomio.com/Advisories) Credits: Sojobo dev team Description: A Reflected Cross Site Scripting vulnerability was discovered during the testing of Sojobo, Static Analysis Tool. II. * Details * =============== A) Reflected Cross Site Scripting in savetemplate.php, deletetask.php, edittask.php, savetask.php and saveworkflow.php [Impact: 3/5] Follow a trace to reach the vulnerable code. File: \modules\com_vtiger_workflow\savetemplate.php 45: vtSaveWorkflowTemplate($adb, $_REQUEST); ... 37: $returnUrl = $request['return_url']; ... 40: window.location="<?php echo $returnUrl?>"; The variable 'return_url' isn't correctly validated before to be printed in the page. A test request is: /index.php?module=com_vtiger_workflow&action=savetemplate&return_url="><script>alert('xss');</script> III. * Report Timeline * ======================== 26 October 2013 - First contact 29 October 2013 - Fix announced on the new version 10 December 2013 - Fix release with the new version IV. * About Sojobo * ==================== Sojobo allows you to find security vulnerabilities in your PHP web application source code before others do. By using the state of the art techniques Sojobo is able to identify the most critical vulnerabilities in your code and limit the number of false positives
Trust: 2.61
AFFECTED PRODUCTS
| vendor: | vtiger | model: | crm | scope: | eq | version: | 5.4.0 | Trust: 2.4 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-79 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 1.2
TYPE
xss
Trust: 1.3
CONFIGURATIONS
PATCH
| title: | Top Page | url: | https://www.vtiger.com/crm/ | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2013-7326 | Trust: 2.8 |
| db: | BID | id: | 64236 | Trust: 2.0 |
| db: | PACKETSTORM | id: | 124402 | Trust: 1.8 |
| db: | OSVDB | id: | 100897 | Trust: 1.7 |
| db: | JVNDB | id: | JVNDB-2013-006053 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201402-213 | Trust: 0.7 |
| db: | CNNVD | id: | CNNVD-201312-258 | Trust: 0.6 |
| db: | XF | id: | 89662 | Trust: 0.6 |
| db: | BUGTRAQ | id: | 20131211 [SOJOBO-ADV-13-05] - VTIGER 5.4.0 REFLECTED CROSS SITE SCRIPTING | Trust: 0.6 |
| db: | VULHUB | id: | VHN-67328 | Trust: 0.1 |
REFERENCES
| url: | http://www.enkomio.com/advisory/sojobo-adv-13-05 | Trust: 2.5 |
| url: | http://www.securityfocus.com/bid/64236 | Trust: 1.7 |
| url: | http://archives.neohapsis.com/archives/bugtraq/2013-12/0052.html | Trust: 1.7 |
| url: | http://packetstormsecurity.com/files/124402 | Trust: 1.7 |
| url: | http://osvdb.org/100897 | Trust: 1.7 |
| url: | https://exchange.xforce.ibmcloud.com/vulnerabilities/89662 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-7326 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-7326 | Trust: 0.8 |
| url: | http://xforce.iss.net/xforce/xfdb/89662 | Trust: 0.6 |
| url: | http://sourceforge.net/projects/vtigercrm/files/vtiger%20crm%205.1.0/ | Trust: 0.3 |
| url: | http://www.enkomio.com/advisories) | Trust: 0.1 |
| url: | https://www.vtiger.com/ | Trust: 0.1 |
CREDITS
Sojobo dev team
Trust: 1.0
SOURCES
| db: | VULHUB | id: | VHN-67328 |
| db: | BID | id: | 64236 |
| db: | JVNDB | id: | JVNDB-2013-006053 |
| db: | PACKETSTORM | id: | 124402 |
| db: | CNNVD | id: | CNNVD-201312-258 |
| db: | CNNVD | id: | CNNVD-201402-213 |
| db: | NVD | id: | CVE-2013-7326 |
LAST UPDATE DATE
2025-04-11T23:01:41.622000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-67328 | date: | 2017-08-29T00:00:00 |
| db: | BID | id: | 64236 | date: | 2014-02-18T15:27:00 |
| db: | JVNDB | id: | JVNDB-2013-006053 | date: | 2014-02-19T00:00:00 |
| db: | CNNVD | id: | CNNVD-201312-258 | date: | 2013-12-13T00:00:00 |
| db: | CNNVD | id: | CNNVD-201402-213 | date: | 2014-02-18T00:00:00 |
| db: | NVD | id: | CVE-2013-7326 | date: | 2025-04-11T00:51:21.963 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-67328 | date: | 2014-02-14T00:00:00 |
| db: | BID | id: | 64236 | date: | 2013-12-11T00:00:00 |
| db: | JVNDB | id: | JVNDB-2013-006053 | date: | 2014-02-19T00:00:00 |
| db: | PACKETSTORM | id: | 124402 | date: | 2013-12-12T04:41:27 |
| db: | CNNVD | id: | CNNVD-201312-258 | date: | 2013-12-13T00:00:00 |
| db: | CNNVD | id: | CNNVD-201402-213 | date: | 2014-02-18T00:00:00 |
| db: | NVD | id: | CVE-2013-7326 | date: | 2014-02-14T19:55:26.717 |