CVE-2023-5350 — Vulnetix

CVE-2023-5350 PUBLISHED CVSS 6.400000095367432 MEDIUM

SQL Injection in GitHub repository salesagility/suitecrm prior to 7.14.1.

EPSS 15.28% · 94.8th percentile

Risk Scores

CVSS 3.0

6.400000095367432

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

EPSS Score

15.28%

94.8th percentile

Affected Products

Vendor	Product	Versions
salesagility	salesagility/suitecrm	unspecified, unspecified, unspecified
salesagility	suitecrm	0, 0, 0

Exploit Intelligence

https://huntr.dev/bounties/c56563cb-b74e-4174-a09a-cd07689d6736 (nist-nvd)
CIRCL seen: CVE-2023-5350 (circl-sighting)
CIRCL seen: CVE-2023-5350 (circl-sighting)
CIRCL seen: CVE-2023-5350 (circl-sighting)
https://github.com/salesagility/suitecrm/commit/c43eaa311fb010b7928983e6afc6f9075c3996aa (circl)

Timeline

Jan 21, 1970 Security Advisory
Sep 13, 2022 PoC Published
Oct 3, 2023 CVE Published
Oct 3, 2023 PoC Published
Oct 4, 2023 EPSS Score
Nov 5, 2023 EPSS Score
Dec 6, 2023 EPSS Score
Jan 7, 2024 EPSS Score
Feb 8, 2024 EPSS Score
Apr 11, 2024 EPSS Score
May 13, 2024 EPSS Score
Jun 13, 2024 EPSS Score

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›