CVE-2021-41597
Published
CVSS v3
8.8
HIGH
CVSS v2
6.8
MEDIUM
Affected
2
PROJECTS
Description
SuiteCRM through 7.11.21 is vulnerable to CSRF, with resultant remote code execution, via the UpgradeWizard functionality, if a PHP file is included in a ZIP archive.
GitHub