CVE-2024-36406

MEDIUM Year: 2024
CVSS v3 Score
5.4
Medium
Weakness Type
CWE-601
View all →

Vulnerability Description

SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, unchecked input allows for open re-direct. Versions 7.14.4 and 8.6.1 contain a fix for this issue.

Related Vulnerabilities

CVE-2016-0228

MEDIUM
CVSS:5.4(Medium)

IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to redi...

CWE-6012016

CVE-2016-0329

MEDIUM
CVSS:5.4(Medium)

Open redirect vulnerability in IBM Emptoris Sourcing 10.0.0.x before 10.0.0.1_iFix3, 10.0.1.x before 10.0.1.3_iFix3, 10.0.2.x before 10.0.2.8_iFix1, 10.0.4.0 before 10.0.4.0_iFix8, and 10.1.0.0 before...

CWE-6012016

CVE-2016-4604

MEDIUM
CVSS:5.4(Medium)

Safari in Apple iOS before 9.3.3 allows remote attackers to spoof the displayed URL via an HTTP response specifying redirection to an invalid TCP port number.

CWE-6012016

CVE-2016-8949

MEDIUM
CVSS:5.4(Medium)

IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-craft...

CWE-6012016

CVE-2016-8953

MEDIUM
CVSS:5.4(Medium)

IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a rem...

CWE-6012016

CVE-2017-1159

MEDIUM
CVSS:5.4(Medium)

IBM Business Process Manager 8.0 and 8.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remot...

CWE-6012017