CVE-2025-70936

EUVD-2025-209429 | MEDIUM
2026-04-13 (mitre) | GHSA-3q54-fg6h-32ch
CVSS 3.1 base score: 5.4

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Changed
Confidentiality: Low
Integrity: Low
Availability: None

Lifecycle Timeline (2 events)

Analysis Generated: Apr 14, 2026 - 16:22 (vuln.today)
CVSS Changed: Apr 14, 2026 - 16:22 (NVD), 5.4 (MEDIUM)

Description (NVD)

Vtiger CRM 8.4.0 contains a reflected cross-site scripting (XSS) vulnerability in the MailManager module. Improper handling of user-controlled input in the _folder parameter allows a specially crafted, double URL-encoded payload to be reflected and executed in the context of an authenticated user's session.

Analysis (AI)

Reflected cross-site scripting (XSS) in Vtiger CRM 8.4.0 MailManager module allows authenticated attackers to execute arbitrary JavaScript in a user's browser session via a specially crafted double URL-encoded payload in the _folder parameter. The vulnerability requires user interaction (UI:R) and affects confidentiality and integrity within the scope of the authenticated session. With an EPSS score of 0.02% (5th percentile), real-world exploitation risk is minimal despite public disclosure.

Technical Context (AI)

The vulnerability exists in Vtiger CRM's MailManager module, the component that manages email functionality within the CRM platform. The root cause is improper input validation and output encoding of the _folder parameter, classified under CWE-79 (Improper Neutralization of Input During Web Page Generation). The attacker leverages double URL-encoding to bypass the initial input sanitization, so the payload reaches the rendered page unfiltered and is executed by the victim's browser. Because this is a reflected XSS, the malicious input is not persisted but echoed back in the response, so the attacker must deliver the crafted URL to the target user.

Remediation (AI)

Upgrade Vtiger CRM to a patched version that addresses the XSS vulnerability in the MailManager module. Exact patched version numbers are not specified in the provided advisory data; consult the official Vtiger security advisory or changelog for the specific release containing the fix. As an interim measure, restrict access to the MailManager module to trusted users only, implement Content Security Policy (CSP) headers to mitigate reflected XSS impact, and conduct input validation and output encoding reviews of the _folder parameter in the MailManager code. Additionally, educate users to avoid clicking links from untrusted sources, as this vulnerability requires user interaction to trigger. For more details, refer to the NVD entry at https://nvd.nist.gov/vuln/detail/CVE-2025-70936 and the Vtiger project repository.
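An added illustration of the defect class and of the input-validation and output-encoding review recommended above; this is not Vtiger's code, and the parameter handling, allowlist pattern and sample value are assumptions. It shows how a check that runs before a second URL-decode lets a double-encoded value through, and how canonicalizing to a fixpoint, allowlisting, and HTML-escaping at output closes that gap.

```python
import html
import re
import urllib.parse
from typing import Optional

# Constructed sample: %253C -> %3C -> '<', so one decode still hides the markup.
SAMPLE_DOUBLE_ENCODED = "Inbox%253Cb%253Ex"

def naive_folder_check(raw: str) -> Optional[str]:
    """Weak pattern: validate after ONE decode, then decode again before use."""
    once = urllib.parse.unquote(raw)
    if re.search(r"[<>\"']", once):
        return None  # rejected; but a double-encoded value passes this check
    return urllib.parse.unquote(once)  # second decode reintroduces '<' and '>'

def canonicalize(raw: str, max_rounds: int = 5) -> str:
    """Decode until the value stops changing, so no encoding layer is left."""
    value = raw
    for _ in range(max_rounds):
        decoded = urllib.parse.unquote(value)
        if decoded == value:
            return value
        value = decoded
    raise ValueError("too many encoding layers")

# Assumed allowlist for a mail folder name: letters, digits, space, _ . - /
FOLDER_RE = re.compile(r"^[A-Za-z0-9 _.\-/]{1,64}$")

def safe_folder(raw: str) -> Optional[str]:
    """Hardened pattern: canonicalize first, then validate the final value."""
    try:
        canon = canonicalize(raw)
    except ValueError:
        return None
    if not FOLDER_RE.fullmatch(canon):
        return None
    return canon

def render(folder: str) -> str:
    """Output encoding: escape at the HTML sink regardless of prior validation."""
    return f'<span class="folder">{html.escape(folder, quote=True)}</span>'
```

Running both paths on SAMPLE_DOUBLE_ENCODED shows the naive check returning a value that contains raw markup, while safe_folder rejects it and render() escapes anything that does reach the page.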


CVE-2025-70936 vulnerability details – vuln.today
