Security Advisory

CVE-2022-50590

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-06 19:59:36

Last updated 2025-11-28 17:44:13

Assigner VulnCheck

State PUBLISHED

Description

SuiteCRM versions prior to 7.12.6 contain a type confusion vulnerability within the processing of the ‘module’ parameter within the ‘deleteAttachment’ functionality. Successful exploitation allows remote unauthenticated attackers to alter database objects including changing the email address of the administrator.

← Browse all CVEs View on cve.org ↗