Even though I have enabled captcha, some spammers are able to directly create leads. They are somehow bypassing the captcha. I think this is a serious problem and should not be allowed. This most certainly is a security risk. Is there some back door to SuiteCRM that people can use? How do I prevent this?
Although we appreciate our users bringing forward potential security issues and concerns we do ask for the opportunity for our security team to resolve said issues before being released publicly. As such I have unlisted this post and I ask that this and any future security concerns you may identify are handled via the process listed here - Raising Issues :: SuiteCRM Documentation
Just to be sure, do you want me to email the details to the listed email? Can’t I just forward the link to this page to the security team? I don’t have the screenshot saved on my computer…
I will end up removing this message once we get an email to ensure we have complete tracking so copying your message into an email would be appreciated. In regards to the image, you should be able to right-click and save the image.