SuiteCRM v7.11.23 was discovered to allow remote code execution via a crafted payload injected into the FirstName text field.
{ "cpes": [ "cpe:2.3:a:salesagility:suitecrm:7.11.23:*:*:*:*:*:*:*" ], "severity": "High" }