CVE-2023-6131: Code Injection in salesagility/suitecrm
First published: Tue Nov 14 2023(Updated: )
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
Credit: security@huntr.dev
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SalesAgility SuiteCRM | <7.12.14 | |
| SalesAgility SuiteCRM | =7.14.0 | |
| SalesAgility SuiteCRM | =7.14.1 | |
| SalesAgility SuiteCRM | =8.4.0 | |
| SalesAgility SuiteCRM | =8.4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-6131?
CVE-2023-6131 is a code injection vulnerability in the SalesAgility SuiteCRM GitHub repository.
How severe is CVE-2023-6131?
CVE-2023-6131 has a severity score of 8.8 (high).
Which versions of SalesAgility SuiteCRM are affected by CVE-2023-6131?
SalesAgility SuiteCRM versions prior to 7.14.2, 7.12.14, and 8.4.2 are affected by CVE-2023-6131.
How can I fix CVE-2023-6131?
To fix CVE-2023-6131, you should update to SalesAgility SuiteCRM version 7.14.2, 7.12.14, or 8.4.2.
Where can I find more information about CVE-2023-6131?
You can find more information about CVE-2023-6131 on the following links: [Huntr](https://huntr.com/bounties/5fa50b25-f6b1-408c-99df-4442c86c563f) and [SalesAgility SuiteCRM GitHub Commit](https://github.com/salesagility/suitecrm/commit/54bc56c3bd9f1db75408db1c1d7d652c3f5f71e9).
- collector/mitre-cve
- collector/nvd-api
- agent/author
- agent/description
- agent/epss
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- collector/epss-latest
- source/FIRST
- vendor/salesagility
- canonical/salesagility suitecrm
- version/salesagility suitecrm/7.14.0
- version/salesagility suitecrm/7.14.1
- version/salesagility suitecrm/8.4.0
- version/salesagility suitecrm/8.4.1