CVE-2025-70936 | vTiger CRM 8.4.0 MailManager _folder cross site scripting

Inserito da Angelo Barbosa | Apr 14, 2026 | CVE

A vulnerability was found in vTiger CRM 8.4.0. It has been rated as problematic. The impacted element is an unknown function of the component MailManager Module. The manipulation of the argument _folder leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-70936. The attack is possible to be carried out remotely. No exploit exists.

CVE-2025-70936 | vTiger CRM 8.4.0 MailManager _folder cross site scripting

Post correlati

CVE-2024-21514 | OpenCart up to 3.0.3.9 Divido Payment Extension sql injection (SNYK-PHP-OPENCARTOPENCART-7266565)

CVE-2024-28237 | OctoPrint up to 1.9.3/1.10.0rc2 URL cross site scripting (GHSA-x7mf-wrh9-r76c)

CVE-2025-46783 | Ricoh Streamline NX V3 PC Client up to 3.242.0 path traversal (ricoh-2025-000005)

CVE-2025-41061 | appRain CMF 4.0.5 uploadify data[Addon][layouts]/data[Addon][layouts_except] cross site scripting