SuiteCRM prior to 7.12.2 and 8.x prior to 8.0.1 allows authenticated SQL injection via the Tooltips action in the Project module, involving resource_id and start_date.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
salesagility suitecrm 8.0 |
||
salesagility suitecrm |
||
salesagility suitecrm 8.0.0 |