SuiteCRM up to and including 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts, Opportunities, and Leads modules. These fields are mishandled during a Download Import File Template operation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
salesagility suitecrm |