CNNVD-202508-646 Information
Aug 07, 2025
cve
CNNVD ID
CNNVD-202508-646
Related CVE
- CNNVD Published: 2025-08-07
Description (Chinese)
SuiteCRM是SuiteCRM团队的一个客户关系管理系统。 SuiteCRM 7.14.0至7.14.6版本存在跨站脚本漏洞,该漏洞源于电子邮件查看器容易受到跨站脚本攻击。
Description (English)
SuiteCRM is a customer relationship management system for the SuiteCRM team. Versions 7.14.0 to 7.14.6 of SuiteCRM contain a cross-site script loophole, which stems from the vulnerability of the e-mail viewer to cross-site script attacks.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
SuiteCRM
Published
2025-08-07
Last Modified
2026-02-24
References
https://docs.suitecrm.com/admin/releases/7.14.x/#_7_14_7 https://github.com/SuiteCRM/SuiteCRM/security/advisories/GHSA-vg8q-xcq5-mh3p
Patch
https://github.com/SuiteCRM/SuiteCRM-Core/releases
Share on: