CVE-2025-45755 – Vtiger CRM Stored XSS

May 21, 2025

CVE ID : CVE-2025-45755

Published : May 21, 2025, 8:15 p.m. | 26 minutes ago

Description : A Stored Cross-Site Scripting (XSS) vulnerability exists in Vtiger CRM Open Source Edition v8.3.0, exploitable via the Services Import feature. An attacker can craft a malicious CSV file containing an XSS payload, mapped to the Service Name field. When the file is uploaded, the application improperly sanitizes user input, leading to persistent script execution.

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46412 – Vertiv Unauthenticated Web Server Function Bypass Vulnerability

Next Article CVE-2025-41426 – Vertiv Stack Buffer Overflow Vulnerability

Last week in AI dev tools: Cloudflare blocking AI crawlers by default, Perplexity Max subscription, and more (July 7, 2025)

Infragistics Launches Ultimate 25.1 With Major Updates to App Builder, Ignite UI

Design Guidelines For Better Notifications UX

10 Top React.js Development Service Providers For Your Next Project In 2026

Following Microsoft’s mass layoffs, Xbox Game Pass’ business viability is again being questioned — is Xbox’s biggest differentiator an albatross?

A million customer conversations with AI agents yielded this surprising lesson

Bookworms: Don’t skip this Kindle Paperwhite Essentials bundle that’s on sale

My favorite “non-gaming” gaming accessory is down to its lowest price for Prime Day | XREAL’s AR glasses give you a virtual cinema screen for Xbox Cloud Gaming, Netflix, PC gaming handhelds, and more

Keyboard Testing in Accessibility Testing

Keyboard Testing in Accessibility Testing

Implementation of Custom Tables in Optimizely Configured Commerce

Token Limit – Monitor token usage in AI context files

Following Microsoft’s mass layoffs, Xbox Game Pass’ business viability is again being questioned — is Xbox’s biggest differentiator an albatross?

Following Microsoft’s mass layoffs, Xbox Game Pass’ business viability is again being questioned — is Xbox’s biggest differentiator an albatross?

dano – hashdeep/md5tree for media files

My favorite “non-gaming” gaming accessory is down to its lowest price for Prime Day | XREAL’s AR glasses give you a virtual cinema screen for Xbox Cloud Gaming, Netflix, PC gaming handhelds, and more

CVE-2025-45755 – Vtiger CRM Stored XSS

CVE-2025-20694 – Intel Bluetooth Denial of Service Vulnerability

CVE-2025-20693 – Intel Wireless LAN STA Driver Out-of-Bounds Read Information Disclosure Vulnerability

The Best Automating Content Creation Tools in 2025

CVE-2025-46343 – n8n Stored XSS Vulnerability

CVE-2025-5000 – “Linksys FGW3000 HTTP POST Request Handler Command Injection Vulnerability”

Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices

Unlocking Business Value with Custom AI Agent Development🤖

KDE Plasma 6.3.5 Update Available to Kubuntu Users

CVE-2025-46011 – Listmonk SQL Injection Privilege Escalation

How Hexagon built an AI assistant using AWS generative AI services

CVE-2025-45755 – Vtiger CRM Stored XSS

Related Posts