Loading
Cross-site request forgery (CSRF) vulnerability in the RSS module in vtiger CRM 5.0.4 allows remote attackers to hijack the authentication of Admin users for requests that modify the news feed system via the rssurl parameter in a Save action to index.php.
Use CWE-352, Vtiger vendor hub and Vtiger Crm product page to widen CVE-2009-3248 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2024-44779, CVE-2024-44778 and CVE-2024-44777 for nearby disclosures in the same product family.