Suitecrm@8.4.1 Security Vulnerabilities and Issues — Suitecrm@8.4.1 CVE List

Lucene search

SalesagilitySuitecrm8.4.1

8 matches found

CVE•added 2023/11/14 4:15 p.m.•52 views

CVE-2023-6128

Cross-site Scripting (XSS) - Reflected in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

6.8CVSS5.5AI score0.0016EPSS

CVE•added 2023/11/14 4:15 p.m.•50 views

CVE-2023-6127

Unrestricted Upload of File with Dangerous Type in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

5.4CVSS5.5AI score0.00175EPSS

CVE•added 2023/11/14 3:15 p.m.•49 views

CVE-2023-6124

Server-Side Request Forgery (SSRF) in GitHub repository salesagility/suitecrm prior to 7.14.2, 8.4.2, 7.12.14.

5CVSS4.7AI score0.00131EPSS

CVE•added 2023/11/14 5:15 p.m.•48 views

CVE-2023-6130

Path Traversal: '..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

8.8CVSS7.8AI score0.00221EPSS

CVE•added 2023/11/14 4:15 p.m.•46 views

CVE-2023-6125

Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

8.8CVSS7.3AI score0.00114EPSS

CVE•added 2023/11/14 5:15 p.m.•45 views

CVE-2023-6131

Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

8.8CVSS7.7AI score0.0017EPSS

CVE•added 2023/11/21 8:15 p.m.•43 views

CVE-2023-47643

SuiteCRM is a Customer Relationship Management (CRM) software application. Prior to version 8.4.2, Graphql Introspection is enabled without authentication, exposing the scheme defining all object types, arguments, and functions. An attacker can obtain the GraphQL schema and understand the entire at...

5.3CVSS4.3AI score0.43187EPSS

CVE•added 2023/11/14 4:15 p.m.•42 views

CVE-2023-6126

Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

9.8CVSS7.2AI score0.00142EPSS