In SuiteCRM prior to versions 7.14.4 and 8.6.1, a medium severity vulnerability CVE-2024-36413 was detected. A weakness in the import module error view allows XSS attacks due to improper input sanitization. Versions 7.14.4 and 8.6.1 fix this issue. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-36413.
SuiteCRM: Import Module Flaw Enables XSS Attacks
by the Hossted team
21.06.2024
21.06.2024