A critical-severity vulnerability, CVE-2024-36417, was detected in SuiteCRM. An unverified IFrame could enable a cross-site scripting attack by allowing harmful input to be served to users without proper security checks. Versions 7.14.4 and 8.6.1 contain a fix for this issue. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-36417/.
SuiteCRM: Unverified IFrames Can Lead to Cross-Site Scripting Attacks
by the Hossted team
20.06.2024