CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5353 – Improper Access Control in salesagility/suitecrm
https://notcve.org/view.php?id=CVE-2023-5353
Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.14.1. Control de acceso inadecuado en el repositorio de GitHub salesagility/suitecrm anterior a 7.14.1. • https://github.com/salesagility/suitecrm/commit/c43eaa311fb010b7928983e6afc6f9075c3996aa https://huntr.dev/bounties/3b3bb4f1-1aea-4134-99eb-157f245fa752 • CWE-284: Improper Access Control •
CVSS: 8.9EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5351 – Cross-site Scripting (XSS) - Stored in salesagility/suitecrm
https://notcve.org/view.php?id=CVE-2023-5351
Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm prior to 7.14.1. Cross-Site Scripting (XSS) almacenado en el repositorio de GitHub salesagility/suitecrm antes de 7.14.1. • https://github.com/salesagility/suitecrm/commit/c43eaa311fb010b7928983e6afc6f9075c3996aa https://huntr.dev/bounties/f7c7fcbc-5421-4a29-9385-346a1caa485b • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5350 – SQL Injection in salesagility/suitecrm
https://notcve.org/view.php?id=CVE-2023-5350
SQL Injection in GitHub repository salesagility/suitecrm prior to 7.14.1. Inyección SQL en el repositorio de GitHub salesagility/suitecrm anterior a 7.14.1. • https://github.com/salesagility/suitecrm/commit/c43eaa311fb010b7928983e6afc6f9075c3996aa https://huntr.dev/bounties/c56563cb-b74e-4174-a09a-cd07689d6736 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3627 – Cross-Site Request Forgery (CSRF) in salesagility/suitecrm-core
https://notcve.org/view.php?id=CVE-2023-3627
Cross-Site Request Forgery (CSRF) in GitHub repository salesagility/suitecrm-core prior to 8.3.1. • https://github.com/salesagility/suitecrm-core/commit/78285702d76317f081b1fbc59cb2754e93b9a4c3 https://huntr.dev/bounties/558b3dce-db03-47ba-b60b-c6eb578e04f1 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3293 – Cross-site Scripting (XSS) - Stored in salesagility/suitecrm-core
https://notcve.org/view.php?id=CVE-2023-3293
Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm-core prior to 8.3.0. • https://github.com/salesagility/suitecrm-core/commit/1f949f1ac2b7fe82f3c2c6071f842b804ba91929 https://huntr.dev/bounties/22cb0ee3-e5da-40e0-9d2c-ace9b759f171 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •