Unrated severityNVD Advisory· Published Jun 10, 2024· Updated Aug 2, 2024
SuiteCRM-Core Host Header Injection in /legacy
CVE-2024-36419
Description
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. A vulnerability in versions prior to 8.6.1 allows for Host Header Injection when directly accessing the /legacy route. Version 8.6.1 contains a patch for the issue.
Affected products
3- Range: < 8.6.1
Patches
Vulnerability mechanics
References
1- github.com/salesagility/SuiteCRM-Core/security/advisories/GHSA-3323-hjq3-c6vcmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.