Suite CRM version 7.14.2 allows making arbitrary HTTP requests through
the vulnerable server. This is possible because the application is vulnerable
to SSRF.
{ "severity": "Medium", "cpes": [ "cpe:2.3:a:salesagility:suitecrm:7.14.2:*:*:*:*:*:*:*", "cpe:2.3:a:salesagility:suitecrm:*:*:*:*:*:*:*:*" ] }