Vulnerability Details CVE-2019-6506
SuiteCRM before 7.8.28, 7.9.x and 7.10.x before 7.10.15, and 7.11.x before 7.11.3 allows SQL Injection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://docs.suitecrm.com/admin/releases/#anchor-7.10.11
- https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_15
- https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_3
- https://docs.suitecrm.com/admin/releases/7.8.x/#_7_8_28
- https://suitecrm.com/suitecrm-7-11-3-lts-security-maintenance-patch-released/
- https://docs.suitecrm.com/admin/releases/#anchor-7.10.11
- https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_15
- https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_3
- https://docs.suitecrm.com/admin/releases/7.8.x/#_7_8_28
- https://suitecrm.com/suitecrm-7-11-3-lts-security-maintenance-patch-released/
Products affected by CVE-2019-6506
-
cpe:2.3:a:salesagility:suitecrm:7.11.0