SuiteCRM · SuiteCRM · CVE-2025-54783
**Name of the Vulnerable Software and Affected Versions**
SuiteCRM versions 7.14.6 and below
**Description**
SuiteCRM is an open-source Customer Relationship Management (CRM) application. The affected versions are susceptible to a reflected Cross-Site Scripting (XSS) issue: an attacker can execute JavaScript code by manipulating the HTTP Referer header so that it includes a malicious domain containing JavaScript code. The server attempts to block the domain but still allows the JavaScript code to execute.
**Recommendations**
Upgrade to SuiteCRM version 7.14.7 or later.
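
A defender-side check for the Referer pattern described above, as an added example that is not SuiteCRM code and not part of the original advisory: it scans web-server access logs for Referer values whose host part is not a valid hostname or that carry markup characters. The Combined Log Format input, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Combined Log Format tail: "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(r'"(?:[^"\\]|\\.)*" \d{3} \S+ "(?P<referer>(?:[^"\\]|\\.)*)" "')
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9.-]+$")
MARKUP_RE = re.compile(r"[<>\"'`]|javascript:", re.IGNORECASE)

# Constructed sample lines (documentation addresses and hostnames only).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Aug/2025:10:00:00 +0000] "GET /index.php HTTP/1.1" 200 5120 '
    '"https://crm.example.test/index.php?module=Home" "Mozilla/5.0"',
    '203.0.113.9 - - [01/Aug/2025:10:00:07 +0000] "GET /index.php HTTP/1.1" 200 812 '
    '"https://other.example.test<script>1</script>/" "Mozilla/5.0"',
    '203.0.113.9 - - [01/Aug/2025:10:00:09 +0000] "GET /index.php HTTP/1.1" 200 812 '
    '"https://other.example.test%253Cimg%2520src%253Dx%253E/" "Mozilla/5.0"',
]


def decode_fully(value, rounds=3):
    """Undo nested percent-encoding so %253C and %3C both become '<'."""
    for _ in range(rounds):
        value = unquote(value)
    return value


def referer_findings(referer):
    """Return the reasons a logged Referer is suspicious; empty list if clean."""
    if referer in ("", "-"):
        return []
    # Log writers escape quotes as \x22 (nginx) or \" (Apache); undo that first.
    raw = re.sub(r"\\x([0-9A-Fa-f]{2})", lambda m: chr(int(m[1], 16)), referer).replace('\\"', '"')
    value = decode_fully(raw)
    reasons = ["markup-characters"] if MARKUP_RE.search(value) else []
    try:
        host = urlsplit(value).hostname or ""
    except ValueError:
        host = ""
    if not HOSTNAME_RE.match(host):
        reasons.append("invalid-host")
    return reasons


def scan(lines):
    """Yield (line_number, referer, reasons) for each suspicious log line."""
    for n, line in enumerate(lines, 1):
        m = LOG_RE.search(line)
        if m and (reasons := referer_findings(m.group("referer"))):
            yield n, m.group("referer"), reasons
```

A `markup-characters` hit on its own can come from a benign query string in the referring URL; `invalid-host` is the stronger signal for the case this advisory describes.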