ГлавнаяУязвимости → CVE-2026-29100
7.1высокая

CVE-2026-29100

Описание

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. SuiteCRM 7.15.0 contains a reflected HTML injection vulnerability in the login page that allows attackers to inject arbitrary HTML content, enabling phishing attacks and page defacement. Version 7.15.1 patches the issue.

Затрагиваемое ПО
Suitecrm Suitecrm
CVSS
Балл7.1 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
Источники
https://github.com/SuiteCRM/SuiteCRM/security/advisories/GHSA-g7hf-3j93-rwm5