Vulnerability in N/a

CVE-2025-70936

Vtiger CRM 8.4.0 contains a reflected cross-site scripting (XSS) vulnerability in the MailManager module. Improper handling of user-controlled input in the _folder parameter allows a specially crafted, double URL-encoded payload to be refl…

EPSS: 0.000 (10.3th percentile) — read the EPSS interpretation.

Affected products

  • N/a — versions n/a

References