{"id":59231,"date":"2024-08-29T19:59:42","date_gmt":"2024-08-29T16:59:42","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/180461\/vtigercrm740-redirect.txt"},"modified":"2024-08-29T19:59:42","modified_gmt":"2024-08-29T16:59:42","slug":"vtiger-crm-7-4-0-open-redirection","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/vtiger-crm-7-4-0-open-redirection\/","title":{"rendered":"vTiger CRM 7.4.0 Open Redirection"},"content":{"rendered":"<dl id=\"F180461\" class=\"file first\" readability=\"-1.1141732283465\">\n<dt><a class=\"ico text-plain\" href=\"https:\/\/packetstormsecurity.com\/files\/download\/180461\/vtigercrm740-redirect.txt\" title=\"Size: 1.1 KB\" target=\"_blank\" rel=\"noopener\"><strong>vTiger CRM 7.4.0 Open Redirection<\/strong><\/a><\/dt>\n<dd class=\"datetime\">Posted <a href=\"https:\/\/packetstormsecurity.com\/files\/date\/2024-08-29\/\" title=\"14:34:34 UTC\" target=\"_blank\" rel=\"noopener\">Aug 29, 2024<\/a><\/dd>\n<dd class=\"refer\">Authored by <a href=\"https:\/\/packetstormsecurity.com\/files\/author\/15349\/\" class=\"person\" target=\"_blank\" rel=\"noopener\">Marco Nappi<\/a><\/dd>\n<dd class=\"detail\" readability=\"0\">\n<p>An open redirection vulnerability in the page parameter of vTiger CRM version 7.4.0 allows attackers to redirect users to a malicious site via a crafted URL.<\/p>\n<\/dd>\n<dd class=\"tags\"><span>tags<\/span> | <a href=\"https:\/\/packetstormsecurity.com\/files\/tags\/advisory\" target=\"_blank\" rel=\"noopener\">advisory<\/a><\/dd>\n<dd class=\"cve\"><span>advisories<\/span> | <a href=\"https:\/\/packetstormsecurity.com\/files\/cve\/CVE-2024-44776\" target=\"_blank\" rel=\"noopener\">CVE-2024-44776<\/a><\/dd>\n<dd class=\"md5\"><span>SHA-256<\/span> | <code>1ad0cb6785fe9f19ed8c5597cdd0806bba847585167c6c70c31e675249f0513e<\/code><\/dd>\n<dd class=\"act-links\"><a href=\"https:\/\/packetstormsecurity.com\/files\/download\/180461\/vtigercrm740-redirect.txt\" title=\"Size: 1.1 KB\" rel=\"nofollow noopener\" target=\"_blank\">Download<\/a> | <a href=\"https:\/\/packetstormsecurity.com\/files\/favorite\/180461\/\" class=\"fav\" rel=\"nofollow noopener\" target=\"_blank\">Favorite<\/a> | <a href=\"https:\/\/packetstormsecurity.com\/files\/180461\/vTiger-CRM-7.4.0-Open-Redirection.html\" target=\"_blank\" rel=\"noopener\">View<\/a><\/dd>\n<\/dl>\n<div class=\"src\" readability=\"9.8200514138817\">\n<pre><code>[CVE:ID]CVE-2024-44776<br>------------------------------------------<br>[Suggested description]An Open Redirect vulnerability in the page parameter of vTiger CRM v7.4.0 allows attackers to redirect users to a malicious site via a crafted URL.<br>------------------------------------------<br>[VulnerabilityType Other]:Open Redirect<br>------------------------------------------<br>[Vendor of Product]:vTiger<br>------------------------------------------<br>[Affected Product Code Base]vTiger CRM - 7.4.0.<br>------------------------------------------<br>[Affected Component]:Index of vTiger CRM<br>------------------------------------------<br>[Attack Type]:Remote<br>------------------------------------------<br>[Impact Information Disclosure]:true<br>------------------------------------------<br>[CVE Impact Other]:Redirect a victim to a malicious site<br>------------------------------------------<br>[Attack Vectors]:Crafted URL<br>-----------------------------------------<br>[Has vendor confirmed or acknowledged the vulnerability?]:true<br>------------------------------------------<br>[Discoverer]:Marco Nappi<br>------------------------------------------<br>[Reference]:http:\/\/vtiger.com<br>------------------------------------------<\/code><\/pre>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>vTiger CRM 7.4.0 Open Redirection Posted Aug 29, 2024 Authored by Marco Nappi An open redirection vulnerability in the page parameter of vTiger CRM version 7.4.0 allows attackers to redirect users to a malicious site via a crafted URL. tags | advisory advisories | CVE-2024-44776 SHA-256 | 1ad0cb6785fe9f19ed8c5597cdd0806bba847585167c6c70c31e675249f0513e Download | Favorite | View [CVE:ID]CVE-2024-44776&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;[Suggested description]An &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-59231","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59231","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=59231"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59231\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=59231"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=59231"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=59231"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}