Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2024-36417 SuiteCRM Stored XSS Vulnerability Allows Code Execution via Malicious iFrame

🗓️ 10 Jun 2024 19:56:55Reported by GitHub_MType 
cvelist
 cvelist🔗 www.cve.org👁 13 Views

SuiteCRM Stored XSS Vulnerability Allows Code Execution via Malicious iFrame. Unverified IFrame can be added to inputs in versions prior to 7.14.4 and 8.6.1

Show more
Related
Affected
Refs
ReporterTitlePublishedViews
Family
CVE		CVE-2024-36417
10 Jun 202420:15
cve
NVD		CVE-2024-36417
10 Jun 202420:15
nvd
Vulnrichment		CVE-2024-36417 SuiteCRM Stored XSS Vulnerability Allows Code Execution via Malicious iFrame
10 Jun 202419:55
vulnrichment
OSV		CVE-2024-36417
10 Jun 202420:15
osv
OSV		BIT-SUITECRM-2024-36417
12 Jun 202407:36
osv
[
  {
    "vendor": "salesagility",
    "product": "SuiteCRM",
    "versions": [
      {
        "version": "< 7.14.4",
        "status": "affected"
      },
      {
        "version": ">= 8.0.0, < 8.6.1",
        "status": "affected"
      }
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
10 Jun 2024 19:55Current
CVSS35.7
EPSS0.0005
CWE-79
suitecrmxsscode executionmalicious iframecross-site scriptingsecurity vulnerabilityopen-sourcecrmsoftware applicationversions 7.14.48.6.1fix
13
.json
Report