CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 1CVE-2023-6128 – Cross-site Scripting (XSS) - Reflected in salesagility/suitecrm
https://notcve.org/view.php?id=CVE-2023-6128
Cross-site Scripting (XSS) - Reflected in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2. Cross-site Scripting (XSS) Reflejados en el repositorio de GitHub salesagility/suitecrm anteriores a 7.14.2, 7.12.14, 8.4.2. • https://github.com/salesagility/suitecrm/commit/54bc56c3bd9f1db75408db1c1d7d652c3f5f71e9 https://huntr.com/bounties/51406547-1961-45f2-a416-7f14fd775d2d • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 1CVE-2023-6127 – Unrestricted Upload of File with Dangerous Type in salesagility/suitecrm
https://notcve.org/view.php?id=CVE-2023-6127
Unrestricted Upload of File with Dangerous Type in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2. Carga sin restricciones de archivos con tipo peligroso en el repositorio de GitHub salesagility/suitecrm anterior a 7.14.2, 7.12.14, 8.4.2. • https://github.com/salesagility/suitecrm/commit/54bc56c3bd9f1db75408db1c1d7d652c3f5f71e9 https://huntr.com/bounties/bf10c72b-5d2e-4c9a-9bd6-d77bdf31027d • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 1CVE-2023-6126 – Code Injection in salesagility/suitecrm
https://notcve.org/view.php?id=CVE-2023-6126
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2. Inyección de código en el repositorio de GitHub salesagility/suitecrm anterior a 7.14.2, 7.12.14, 8.4.2. • https://github.com/salesagility/suitecrm/commit/54bc56c3bd9f1db75408db1c1d7d652c3f5f71e9 https://huntr.com/bounties/e22a9be3-3273-42cb-bfcc-c67a1025684e • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2023-6125 – Code Injection in salesagility/suitecrm
https://notcve.org/view.php?id=CVE-2023-6125
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2. Inyección de código en el repositorio de GitHub salesagility/suitecrm anterior a 7.14.2, 7.12.14, 8.4.2. • https://github.com/salesagility/suitecrm/commit/54bc56c3bd9f1db75408db1c1d7d652c3f5f71e9 https://huntr.com/bounties/a9462f1e-9746-4380-8228-533ff2f64691 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 1CVE-2023-6124 – Server-Side Request Forgery (SSRF) in salesagility/suitecrm
https://notcve.org/view.php?id=CVE-2023-6124
Server-Side Request Forgery (SSRF) in GitHub repository salesagility/suitecrm prior to 7.14.2, 8.4.2, 7.12.14. Server-Side Request Forgery (SSRF) en el repositorio de GitHub salesagility/suitecrm anterior a 7.14.2, 8.4.2, 7.12.14. • https://github.com/salesagility/suitecrm/commit/54bc56c3bd9f1db75408db1c1d7d652c3f5f71e9 https://huntr.com/bounties/aed4d8f3-ab9a-42fd-afea-b3ec288a148e • CWE-918: Server-Side Request Forgery (SSRF) •