# Affected software: Fat Free CRM - URL: http://www.fatfreecrm.com/
# Discovered by: Ankit Bharathan
# Type of vulnerability: XSS Stored
#
# Fat Free CRM is an open source Ruby on Rails-based customer relationship management platform. Out of the box it features group collaboration, campaign and lead management, contact lists, and opportunity tracking.
#
# Description: Fat Free CRM is prone to a persistent cross-site scripting attack that allows a malicious user to inject HTML or scripts that can access any cookies, session tokens, or other sensitive information retained by your browser and used with that site.
#
# Proof of concept:
1> Go to http://demo.fatfreecrm.com/users/1
2> Go to edit profile.
3> Fill the alternate email with a JavaScript payload, e.g.:
4> Save it and reload the page. The JavaScript payload gets executed.

--
Best Regards,
Ankit Bharathan
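The advisory's root cause is a user-controlled profile field (the alternate email) that is stored and later rendered without being constrained to an email shape or escaped on output. The Ruby snippet below is an added illustration of the two defensive controls that close that class of bug, written for this advisory and not taken from Fat Free CRM's code base: a strict format validator that refuses to persist anything that is not a plain address, and an output encoder using the standard library's ERB::Util.html_escape so that any value which does reach the database is rendered as inert text. The function names, the regex, and the sample inputs are all assumptions constructed for the example; the advisory's own payload was elided and is not reproduced here.

```ruby
require "erb"

# Conservative e-mail shape: local@domain.tld with only address characters.
# Angle brackets, quotes and whitespace cannot match, so markup is never stored.
# (Assumption: this pattern is an example, not the project's validator.)
EMAIL_PATTERN = /\A[a-z0-9._%+\-]+@[a-z0-9\-]+(\.[a-z0-9\-]+)*\.[a-z]{2,}\z/i

# Input validation: run before saving a profile so the alternate email field
# can only ever hold a plain address. Returns true/false.
def valid_alt_email?(value)
  return false if value.nil? || value.length > 254
  !!(value =~ EMAIL_PATTERN)
end

# Output encoding: escape at render time so a stored value is shown as text.
# ERB::Util.html_escape turns & < > " ' into entities, which is what Rails'
# default ERB templates do as well; the bug class arises when a view bypasses it.
def render_alt_email(value)
  "<span class=\"alt-email\">#{ERB::Util.html_escape(value)}</span>"
end

# Constructed sample values (hypothetical, not from the advisory).
SAMPLE_INPUTS = {
  "plain"  => "jane.doe@example.com",
  "markup" => "<script>alert(1)</script>@example.com"
}

# Runs every sample through the validator and reports which would be stored.
def validation_report
  SAMPLE_INPUTS.transform_values { |v| valid_alt_email?(v) }
end

if __FILE__ == $PROGRAM_NAME
  validation_report.each { |name, ok| puts "#{name}: #{ok ? 'accepted' : 'rejected'}" }
  puts render_alt_email(SAMPLE_INPUTS["markup"])
end
```

Both controls are needed: validation keeps the database clean, and output encoding protects every view that displays the field, including ones added later that might otherwise render it raw.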