← Back ⬡ Vulnerabilities & CVEs Mar 20, 2026

CVE-2026-29106 | SuiteCRM up to 7.15.0/8.9.2 Content Security Policy return_id cross site scripting (GHSA-7qrj-5hj6-7c2m)

VulDB Archived Mar 20, 2026 ! Full text unavailable

A vulnerability, which was classified as problematic , has been found in SuiteCRM up to 7.15.0/8.9.2 . This affects an unknown function of the component Content Security Policy Handler . Performing a manipulation of the argument return_id results in cross site scripting. This vulnerability is known as CVE-2026-29106 . Remote exploitation of the attack is possible. No exploit is available. It is advisable to upgrade the affected component.

Full text unavailable — view original

✦ AI Summary · Claude Sonnet

◉Full text unavailable.
Open original ↗

💬 Team Notes