5 matches found
BIT-SUITECRM-2021-39268
Persistent cross-site scripting XSS in the web interface of SuiteCRM before 7.11.19 allows a remote attacker to introduce arbitrary JavaScript via malicious SVG files. This occurs because the cleanfileoutput protection mechanism can be bypassed...
CVE-2021-39268
Persistent cross-site scripting XSS in the web interface of SuiteCRM before 7.11.19 allows a remote attacker to introduce arbitrary JavaScript via malicious SVG files. This occurs because the cleanfileoutput protection mechanism can be bypassed...
CVE-2021-39268
Persistent cross-site scripting XSS in the web interface of SuiteCRM before 7.11.19 allows a remote attacker to introduce arbitrary JavaScript via malicious SVG files. This occurs because the cleanfileoutput protection mechanism can be bypassed...
Cross site scripting
Persistent cross-site scripting XSS in the web interface of SuiteCRM before 7.11.19 allows a remote attacker to introduce arbitrary JavaScript via malicious SVG files. This occurs because the cleanfileoutput protection mechanism can be bypassed...
CVE-2021-39268
Persistent cross-site scripting XSS in the web interface of SuiteCRM before 7.11.19 allows a remote attacker to introduce arbitrary JavaScript via malicious SVG files. This occurs because the cleanfileoutput protection mechanism can be bypassed...