VYPR
Unrated severityNVD Advisory· Published Jun 10, 2024· Updated Aug 2, 2024

SuiteCRM authenticated SQL Injection in EmailUIAjax messages count controller

CVE-2024-36410

Description

SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for SQL Injection in EmailUIAjax messages count controller. Versions 7.14.4 and 8.6.1 contain a fix for this issue.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.