CVE-2025-64488 | SuiteCRM up to 7.14.7/8.9.0 call_id sql injection (GHSA-5v53-v44q-ww2c)

A vulnerability labeled as critical has been found in SuiteCRM up to 7.14.7/8.9.0. Impacted is an unknown function. Executing manipulation of the argument call_id can lead to sql injection.

This vulnerability is registered as CVE-2025-64488. It is possible to launch the attack remotely. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More