SuiteCRM through 7.11.21 is vulnerable to CSRF, with resultant remote code execution, via the UpgradeWizard functionality, if a PHP file is included in a ZIP archive.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-01-12T19:17:05

Updated: 2024-08-04T03:15:29.074Z

Reserved: 2021-09-24T00:00:00

Link: CVE-2021-41597

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2022-01-12T20:15:08.287

Modified: 2022-01-19T19:22:07.430

Link: CVE-2021-41597

cve-icon Redhat

No data.