Overview :
SuiteCRM Lists Latest Updates of XSS / SSRF Vulnerabilities
Affected Product(s) :
  • SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20
  • SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7
Vulnerability Details :
CVE ID : CVE-2019-14454
SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to vertical privilege escalation.
CVE ID : CVE-2019-13335
SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has SSRF.

Solution :

*** update to the latest patches ***