15Şub
CVE-2025-1360 | Internet Web Solutions Sublime CRM up to 20250207 HTTP POST Request /crm/inicio.php msg_to cross site scripting
A vulnerability, which was classified as problematic, was found in Internet Web Solutions Sublime CRM up to 20250207. Affected is an unknown function of the file /crm/inicio.php of the component HTTP POST Request Handler. The manipulation of the argument msg_to leads to cross site scripting. This vulnerability is traded as CVE-2025-1360. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.