VYPR
Unrated severityNVD Advisory· Published Jun 10, 2024· Updated Aug 2, 2024

SuiteCRM authenticated SQL Injection in Alerts

CVE-2024-36408

Description

SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for SQL Injection in the Alerts controller. Versions 7.14.4 and 8.6.1 contain a fix for this issue.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.