CVE-2024-36419

Published June 10th, 2024

View on NVD ↗

CVSS v3

4.3

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

SuiteCRM is an open-source Customer Relationship Management (CRM) software application. A vulnerability in versions prior to 8.6.1 allows for Host Header Injection when directly accessing the `/legacy` route. Version 8.6.1 contains a patch for the issue.

SuiteCRM/SuiteCRM-Core

SuiteCRM - Open source CRM for the world

GitHub

265