CVE-2021-41597

NameCVE-2021-41597
DescriptionSuiteCRM through 7.11.21 is vulnerable to CSRF, with resultant remote code execution, via the UpgradeWizard functionality, if a PHP file is included in a ZIP archive.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium

Notes

NOT-FOR-US: SuiteCRM

Search for package or bug name: Reporting problems