XRMS: An open source web enabled LAMP based CRM.

Vulnerability: Confirmation messages upon updates in XRMS are clear text passed across in the URL. Simple test of injection of a script resulted in exposing cross site scripting vulnerability.

[ reply ]