CVE-2026-29099— SuiteCRM SQL注入漏洞

SuiteCRM has Authenticated Blind SQL Injection in OutboundEmail Legacy Functionality.

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, the `retrieve()` function in `include/OutboundEmail/OutboundEmail.php` fails to properly neutralize the user controlled `$id` parameter. It is assumed that the function calling `retrieve()` will appropriately quote and sanitize the user input. However, two locations have been identified that can be reached through the `EmailUIAjax` action on the `Email()` module where this is not the case. As such, it is possible for an authenticated user to perform SQL injection through the `retrieve()` function. This affects the latest major versions 7.15 and 8.9. As there do not appear to be restrictions on which tables can be called, it would be possible for an attacker to retrieve arbitrary information from the database, including user information and password hashes. Versions 7.15.1 and 8.9.3 patch the issue.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

SQL命令中使用的特殊元素转义处理不恰当(SQL注入)

SuiteCRM SQL注入漏洞

SuiteCRM是SuiteCRM团队的一个客户关系管理系统。 SuiteCRM 7.15.1之前版本和8.9.3之前版本存在SQL注入漏洞，该漏洞源于include/OutboundEmail/OutboundEmail.php中的retrieve()函数未能正确中和用户控制的$id参数，可能导致经过身份验证的用户通过retrieve()函数执行SQL注入，从而从数据库中检索任意信息。

N/A

N/A