CVE-2024-36408 | SalesAgility SuiteCRM up to 7.14.3/8.6.0 Alerts Controller sql injection (GHSA-2g8f-gjrr-x5cg)

Posted by Angelo Barbosa | Jun 10, 2024 | CVE

A vulnerability was found in SalesAgility SuiteCRM up to 7.14.3/8.6.0. It has been classified as critical. This affects an unknown part of the component Alerts Controller. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-36408. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-36408 | SalesAgility SuiteCRM up to 7.14.3/8.6.0 Alerts Controller sql injection (GHSA-2g8f-gjrr-x5cg)

Related Posts

CVE-2024-49579 | JetBrains YouTrack up to 2024.3.46677 API Request verification of source

CVE-2024-6395 | GitHub Enterprise Server up to 3.9.16/3.10.13/3.11.11/3.12.5/3.13.0 information disclosure

CVE-2024-31493 | Fortinet FortiSOAR up to 7.0.3/7.2.2/7.3.0 HTTP Response unknown vulnerability (FG-IR-24-052)

CVE-2024-35201 | Intel SDP Tool on Windows default permission (intel-sa-01179)