{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-29100", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-03T21:54:06.708Z", "datePublished": "2026-03-19T22:48:49.821Z", "dateUpdated": "2026-03-19T22:48:49.821Z"}, "containers": {"cna": {"title": "SuiteCRM has Reflected HTML Injection in Login Page via default_user_name Parameter", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/SuiteCRM/SuiteCRM/security/advisories/GHSA-g7hf-3j93-rwm5", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/SuiteCRM/SuiteCRM/security/advisories/GHSA-g7hf-3j93-rwm5"}], "affected": [{"vendor": "SuiteCRM", "product": "SuiteCRM", "versions": [{"version": "< 7.15.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-19T22:48:49.821Z"}, "descriptions": [{"lang": "en", "value": "SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. SuiteCRM 7.15.0 contains a reflected HTML injection vulnerability in the login page that allows attackers to inject arbitrary HTML content, enabling phishing attacks and page defacement. Version 7.15.1 patches the issue."}], "source": {"advisory": "GHSA-g7hf-3j93-rwm5", "discovery": "UNKNOWN"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. SuiteCRM 7.15.0 contains a reflected HTML injection vulnerability in the login page that allows attackers to inject arbitrary HTML content, enabling phishing attacks and page defacement. Version 7.15.1 patches the issue."}], "id": "CVE-2026-29100", "lastModified": "2026-03-20T13:37:50.737", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-19T23:16:42.080", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/SuiteCRM/SuiteCRM/security/advisories/GHSA-g7hf-3j93-rwm5"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Undergoing Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,7.15.1)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "SuiteCRM", "source": "cna", "vendor": "SuiteCRM"}, "product": "suitecrm", "vendor": "suitecrm"}], "analysis": {"en": {"generated_at": "2026-03-20T00:26:03.411002+00:00", "value": {"mitigation_remediation": ["Upgrade to SuiteCRM version 7.15.1 or later"], "summary": {"action": "Patch Immediately", "impact": "Reflected XSS enabling phishing and page defacement"}, "threat_synthesis": {"affected_systems": "The affected product is SuiteCRM (SuiteCRM). The specific vulnerable version is 7.15.0, while version 7.15.1 contains the patch.", "description_and_impact": "SuiteCRM 7.15.0 contains a reflected HTML injection vulnerability in the login page triggered via the default_user_name parameter. The flaw allows an attacker to inject arbitrary HTML content into the login page, which can be leveraged to carry out phishing attacks or deface the page. This is a classic reflected XSS weakness (CWE-79) that can potentially affect any user who visits the compromised login URL with a crafted payload.", "risk_and_exploitability": "The vulnerability has a CVSS score of 7.1, indicating a medium-to-high severity. No EPSS score is available, and it is not listed in CISA\u2019s KEV catalog, suggesting no confirmed exploitation. The attack vector is remote and only requires a malicious URL to be accessed, making exploitation straightforward for an attacker who can lure users to the login page."}}}}, "created": "2026-03-20T08:54:35.572425+00:00", "updated": "2026-03-20T10:44:03.646148+00:00", "vendors": ["suitecrm", "suitecrm$PRODUCT$suitecrm"]}