XSS in the client account page in SuiteCRM before 7.11.19 allows an attacker to inject JavaScript via the name field
Published April 30, 2021.
Salesagility Suitecrm