A vulnerability categorized as critical has been discovered in Vtiger Vtiger CRM up to 8.3.0. Affected is an unknown function of the file config.inc.php of the component Documents module. The manipulation results in unrestricted upload.
This vulnerability is known as CVE-2026-23697. It is possible to launch the attack remotely. No exploit is available.