CVE advisoryCRITICAL
CVE-2022-50589
SuiteCRM SQL Injection Allows Remote Code Execution
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A SQL injection vulnerability in SuiteCRM's export feature allows unauthenticated remote attackers to execute arbitrary code. This affects versions before 7.12.6 and is a critical issue because it can compromise system integrity and data confidentiality.