CVE-2022-27474
First published: Fri Apr 15 2022(Updated: )
SuiteCRM v7.11.23 was discovered to allow remote code execution via a crafted payload injected into the FirstName text field.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SalesAgility SuiteCRM | =7.11.23 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2022-27474.
What is the severity level of CVE-2022-27474?
The severity level of CVE-2022-27474 is high with a severity value of 7.2.
How does CVE-2022-27474 allow remote code execution?
CVE-2022-27474 allows remote code execution by injecting a crafted payload into the FirstName text field of SuiteCRM v7.11.23.
Which version of SuiteCRM is affected by CVE-2022-27474?
SuiteCRM v7.11.23 is affected by CVE-2022-27474.
How can I fix CVE-2022-27474?
To fix CVE-2022-27474, it is recommended to update to a patched version of SuiteCRM.
- collector/nvd-index
- agent/references
- agent/tags
- agent/type
- agent/event
- agent/severity
- agent/author
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/salesagility
- canonical/salesagility suitecrm
- version/salesagility suitecrm/7.11.23