Espo CRM suffers from a stored cross-site scripting vulnerability.
# Affected software: http://www.espocrm.com/demo/
# Discovered by: Ankit Bharathan
# Website: ankitbharathan.blogspot.com
# Type of vulnerability: Stored XSS
# Description:
# A web application that allows you to see, enter and evaluate all
# your company relationships regardless of the type. People, companies,
# projects or opportunities -- all in an easy and intuitive interface.
#
# Description: EspoCRM is vulnerable to a persistent (stored) cross-site
# scripting attack that allows a malicious user to inject JavaScript that
# can access any cookies, session tokens, or other sensitive information
# retained by your browser.
# Proof of concept:
# 1. Create a new account (http://127.0.0.1/espocrm/#Account)
# 2. Complete the field Name using this value:
"><svg onload="prompt(/xss/);"><!--
# 3. Save changes.
# 4. boom :)
# Screenshot: http://prntscr.com/4aiqae
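
The mitigation for this class of bug is to HTML-encode the stored Name value whenever it is written into a page. The following is an added example (not EspoCRM code and not part of the original advisory) that renders the value from step 2 with and without encoding and lists the elements a browser would build; the input template, the double-quoted attribute context and all function names are assumptions.

```javascript
// Added example, not EspoCRM code. Template and helper names are hypothetical.
const POC_NAME = '"><svg onload="prompt(/xss/);"><!--'; // value from step 2 above

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode a value for HTML text and quoted-attribute contexts.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the stored value is concatenated into markup as-is.
function renderUnsafe(name) {
  return `<input type="text" name="name" value="${name}">`;
}

// Hardened pattern: encode at output time, whatever was stored.
function renderSafe(name) {
  return `<input type="text" name="name" value="${escapeHtml(name)}">`;
}

// Quote-aware tag scanner: lists the elements a browser would create from the
// markup, with any event-handler attribute names found outside quoted values.
function listElements(html) {
  const found = [];
  let i = 0;
  while (i < html.length) {
    if (html.startsWith('<!--', i)) { // a comment runs to --> or to end of input
      const end = html.indexOf('-->', i + 4);
      i = end === -1 ? html.length : end + 3;
    } else if (html[i] === '<' && /[a-zA-Z]/.test(html[i + 1] || '')) {
      let j = i + 1, quote = null;
      while (j < html.length && (quote || html[j] !== '>')) {
        if (quote) { if (html[j] === quote) quote = null; }
        else if (html[j] === '"' || html[j] === "'") quote = html[j];
        j++;
      }
      const tag = html.slice(i + 1, j);
      const bare = tag.replace(/"[^"]*"|'[^']*'/g, '""'); // drop attribute values
      found.push({
        name: tag.match(/^[a-zA-Z0-9]+/)[0].toLowerCase(),
        handlers: (bare.match(/\son[a-z]+(?==)/gi) || []).map((h) => h.trim().toLowerCase()),
      });
      i = j + 1;
    } else {
      i++;
    }
  }
  return found;
}
```

`listElements(renderUnsafe(POC_NAME))` reports an extra `svg` element carrying an `onload` handler, while `listElements(renderSafe(POC_NAME))` reports only the intended `input`.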