CVE-2024-36408 | SalesAgility SuiteCRM up to 7.14.3/8.6.0 Alerts Controller sql injection (GHSA-2g8f-gjrr-x5cg)

Posted by Angelo Barbosa | Jun 10, 2024 | CVE

A vulnerability was found in SalesAgility SuiteCRM up to 7.14.3/8.6.0. It has been classified as critical. This affects an unknown part of the component Alerts Controller. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-36408. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-36408 | SalesAgility SuiteCRM up to 7.14.3/8.6.0 Alerts Controller sql injection (GHSA-2g8f-gjrr-x5cg)

Related Posts

CVE-2024-20355 | Cisco ASA/Firepower Threat Defense Software authorization (cisco-sa-asaftd-saml-bypass-KkNvXyKW)

CVE-2024-41117 | opengeos streamlit-geospatial 126/up to 115 10_ eval vis_params input validation (GHSL-2024-100)

CVE-2024-50512 | Posti Shipping Plugin up to 3.10.2 on WordPress information exposure

CVE-2024-6012 | Cost Calculator Builder Plugin up to 3.2.12 on WordPress authorization