CVE-2020-8804

CVE-2020-8804

EPSS 1.4%

SuiteCRM through 7.11.10 allows SQL Injection via the SOAP API, the EmailUIAjax interface, or the MailMerge module.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/156331/SuiteCRM-7.11.10-SQL-Injection.html http://seclists.org/fulldisclosure/2020/Feb/7 https://suitecrm.com