[CVEID]

CVE-2021-45903

[PRODUCT]

SuiteCRM

[VERSION]

before 7.10.35 and before 7.12.2

[PROBLEM TYPE]

Cross Site Scripting (XSS)

[DESCRIPTION]

A persistent cross-site scripting (XSS) issue in the web interface of SuiteCRM before 7.10.35 and before 7.12.2, allows a remote attacker to introduce arbitrary JavaScript via attachments upload, a different vulnerability than CVE-2021-39267 and CVE-2021-39268.

Timeline:

Reported to vendor 11.09.2021
Acknowledged 13.09.2021
Validated 13.09.2021
Fixed 17.12.2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2021-45903.md

CVE-2021-45903.md

[CVEID]

[PRODUCT]

[VERSION]

[PROBLEM TYPE]

[DESCRIPTION]

Timeline:

Files

CVE-2021-45903.md

Latest commit

History

CVE-2021-45903.md

File metadata and controls

[CVEID]

[PRODUCT]

[VERSION]

[PROBLEM TYPE]

[DESCRIPTION]

Timeline: