PT-2024-34145 · Suitecrm · Suitecrm

Amame04 · Published 2024-11-05 · Updated 2025-09-03 · CVE-2024-50332

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: SuiteCRM versions prior to 7.14.6; SuiteCRM versions prior to 8.7.1
Description: The issue is caused by insufficient validation of input values, leading to blind SQL injection in the DeleteRelationShip function. This allows for potential exploitation. Users are advised to upgrade to address the issue.
Recommendations: For versions prior to 7.14.6, upgrade to version 7.14.6 or later. For versions prior to 8.7.1, upgrade to version 8.7.1 or later. As a temporary workaround, consider restricting access to the DeleteRelationShip function until a patch is applied.

Exploit · Fix · SQL injection

Weakness Enumeration

Related Identifiers

BIT-SUITECRM-2024-50332
CVE-2024-50332
GHSA-53XH-MJMQ-J35P

Affected Products

Suitecrm