CVE-2024-49772

Name of the Vulnerable Software and Affected Versions: SuiteCRM versions 7.14.4

Description: The issue is related to poor input validation, allowing an authenticated user to perform a SQL injection attack. This can result in an authenticated user with low privilege being able to leak all data in the database.

Recommendations: For SuiteCRM version 7.14.4, upgrade to version 7.14.6 or 8.7.1 to resolve the issue. As a temporary workaround, consider restricting access to sensitive database data until the upgrade is applied.