# Author:Provensec

# Vendor: insight.ly

# Vulnerability Type:persistent xss

# Discription: Integrated online customer relationship management (CRM)
and project management makes sure you are on top of critical business
processes.

# Exploit:
1 Goto add contacts

2 Fill the work address field with xss payload http://prntscr.com/4p657g

3 Save it and javascript will execute

http://prntscr.com/4p65bk