Home

Description

SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, unchecked input allows for open re-direct. Versions 7.14.4 and 8.6.1 contain a fix for this issue.

PUBLISHED Reserved 2024-05-27 | Published 2024-06-10 | Updated 2024-08-02 | Assigner GitHub_M




MEDIUM: 5.4CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

Problem types

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

Product status

< 7.14.4
affected

>= 8.0.0, < 8.6.1
affected

References

github.com/...iteCRM/security/advisories/GHSA-hcw8-p37h-8hrv

github.com/...iteCRM/security/advisories/GHSA-hcw8-p37h-8hrv

cve.org (CVE-2024-36406)

nvd.nist.gov (CVE-2024-36406)

Download JSON