Lucene search

K
osvGoogleOSV:CVE-2021-41597
HistoryJan 12, 2022 - 8:15 p.m.

CVE-2021-41597

2022-01-1220:15:08
Google
osv.dev
5
suitecrm
csrf
vulnerability
remote code execution
upgradewizard
zip archive
php file

AI Score

7.4

Confidence

High

EPSS

0.006

Percentile

79.1%

SuiteCRM through 7.11.21 is vulnerable to CSRF, with resultant remote code execution, via the UpgradeWizard functionality, if a PHP file is included in a ZIP archive.

AI Score

7.4

Confidence

High

EPSS

0.006

Percentile

79.1%

Related for OSV:CVE-2021-41597