4 matches found
CVE-2020-8802
SuiteCRM through 7.11.11 has Incorrect Access Control via actionsaveHTMLField Bean Manipulation...
CVE-2020-8802
SuiteCRM through 7.11.11 has Incorrect Access Control via actionsaveHTMLField Bean Manipulation...
CVE-2020-8802
Summary (CVE-2020-8802) : SuiteCRM up to version 7.11.11 is affected by an Incorrect Access Control via the HomeController::action_saveHTMLField() bean manipulation, which can create or modify arbitrary beans. This enables potential second-order SQL injection or PHP object injection as described ...
SuiteCRM 7.11.11 Bean Manipulation
-------------------------------------------------------------------------- SuiteCRM = 7.11.11 actionsaveHTMLField Bean Manipulation Vulnerability -------------------------------------------------------------------------- - Software Link: https://suitecrm.com/ - Affected Versions: Version 7.11.11...