Vulnerability Database
Blog
FAQ
Docs
BIT-suitecrm-2023-6125
See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/suitecrm/BIT-suitecrm-2023-6125.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-suitecrm-2023-6125
Aliases
CVE-2023-6125
Published
2024-03-06T11:06:30.295Z
Modified
2024-03-06T11:25:28.861Z
Summary
[none]
Details
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
References
https://github.com/salesagility/suitecrm/commit/54bc56c3bd9f1db75408db1c1d7d652c3f5f71e9
https://huntr.com/bounties/a9462f1e-9746-4380-8228-533ff2f64691
Affected packages
Bitnami
/
suitecrm
Package
Name
suitecrm
Purl
pkg:bitnami/suitecrm
Severity
5.4 (Medium)
CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
CVSS Calculator
Affected ranges
Type
SEMVER
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
7.12.14
Type
SEMVER
Events
Introduced
7.14.0
Last affected
7.14.0
Introduced
7.14.1
Last affected
7.14.1
Introduced
8.4.0
Last affected
8.4.0
Introduced
8.4.1
Last affected
8.4.1
BIT-suitecrm-2023-6125 - OSV