Vulnerabilities in SuiteCRM
35 results

CVE-2025-64493 | MEDIUM | SuiteCRM is Vulnerable to Authenticated Blind SQL Injection via GraphQL | EPSS 0.3%
CVE-2026-32697 | MEDIUM | SuiteCRM: RecordHandler::getRecord() missing ACLAccess('view') check allows any authenticated user to read any record (IDOR) | EPSS 0.3%
CVE-2025-54786 | MEDIUM | SuiteCRM: Legacy iCal service allows unauthenticated access to meeting data | EPSS 0.3%
CVE-2026-29099 | HIGH | SuiteCRM has Authenticated Blind SQL Injection in OutboundEmail Legacy Functionality. | EPSS 0.3%
CVE-2025-64490 | HIGH | SuiteCRM's Inconsistent RBAC Enforcement Enables Access Control Bypass | EPSS 0.2%
CVE-2026-29104 | LOW | SuiteCRM Vulnerable to Authenticated Arbitrary File Upload via Configurator addfontresult View in SuiteCRM | EPSS 0.2%
CVE-2025-54787 | LOW | SuiteCRM: Improper Authorization for attachment downloads | EPSS 0.2%
CVE-2026-29105 | MEDIUM | SuiteCRM has Unauthenticated Open Redirect in Leads WebToLead Capture | EPSS 0.2%
CVE-2025-54784 | HIGH | SuiteCRM is vulnerable to Cross Site Scripting (XSS) through its email viewer | EPSS 0.2%
CVE-2025-54783 | MEDIUM | SuiteCRM: Reflected Cross Site Scripting (XSS) through HTTP Referrer header | EPSS 0.2%
CVE-2025-41384 | MEDIUM | Reflected Cross-Site Scripting (XSS) in SuiteCRM | EPSS 0.2%
CVE-2026-29107 | MEDIUM | SuiteCRM vulnerable to authenticated SSRF via PDF export | EPSS 0.2%
CVE-2025-64491 | MEDIUM | SuiteCRM is vulnerable to unauthenticated reflected XSS through its Login page | EPSS 0.2%
CVE-2026-29100 | HIGH | SuiteCRM has Reflected HTML Injection in Login Page via default_user_name Parameter | EPSS 0.2%
CVE-2026-29106 | MEDIUM | SuiteCRM has blind XSS in return_id parameter | EPSS 0.1%