CNNVD-202508-644 Information
Aug 07, 2025
cve
CNNVD ID
CNNVD-202508-644
Related CVE
- CNNVD Published: 2025-08-07
Description (Chinese)
SuiteCRM是SuiteCRM团队的一个客户关系管理系统。 SuiteCRM存在SQL注入漏洞,该漏洞源于InboundEmail模块允许在后端数据库中执行任意查询,可能导致SQL注入。
Description (English)
SuiteCRM is a customer relationship management system for the SuiteCRM team. SuiteCRM has an SQL injection loophole, which stems from the fact that the InboundEmail module allows for random queries in back-end databases, which may lead to SQL injections.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
SuiteCRM
Published
2025-08-07
Last Modified
2026-02-24
References
https://docs.suitecrm.com/admin/releases/7.14.x/#_7_14_7 https://github.com/SuiteCRM/SuiteCRM/security/advisories/GHSA-v3m9-8wg7-c72x
Patch
https://github.com/SuiteCRM/SuiteCRM-Core/releases
Share on: