5 matches found
CVE-2020-8800
SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection...
CVE-2020-8800
SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection...
CVE-2020-8800
SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection...
CVE-2020-8800
CVE-2020-8800 affects SuiteCRM up to version 7.11.11, enabling a second-order PHP Object Injection in EmailsControllerActionGetFromFields via unserialize of the account_signatures preference. The vulnerability description indicates arbitrary PHP object injection and potential code execution paths...
SuiteCRM 7.11.11 Second-Order PHP Object Injection
--------------------------------------------------------------------- SuiteCRM = 7.11.11 Second-Order PHP Object Injection Vulnerabilities --------------------------------------------------------------------- - Software Link: https://suitecrm.com/ - Affected Versions: Version 7.11.11 and prior...