Issue

Edit this page

> SuiteCRM 8 Guide > Administrator Guide > Releases > 8.8 Releases

8.8 Releases

8.8.1

Released 06 August 2025

Assets

Release Notes

Outbound Email Changes

You are now able to configure an Outbound Email Account with OAuth. To see more information on setup please see here.

Security

CVE: CVE-2025-54785: RCE Vulnerability | GitHub Advisory | Reporter: dzentota
CVE: CVE-2025-54786: Improper Access Control Vulnerability | GitHub Advisory | Reporter: sec31uk
CVE: CVE-2025-54787: Improper Access Control Vulnerability | GitHub Advisory | Reporter: paul1278
CVE: CVE-2025-54788: SQL Injection Vulnerability | GitHub Advisory | Reporter: Parnuski
CVE: CVE-2025-54783: XSS Vulnerability | GitHub Advisory | Reporter: Sergio Marín Martínez
CVE: CVE-2025-54784: XSS Vulnerability | GitHub Advisory | Reporter: paul1278

Bug Fixes

PR: 680 - Fix #543 - Enable stack trace debugging without whitescreens
PR: 681 - Fix #660 - Account Activity/History Subpanel actions no longer open
PR: 682 - Fix #675 - Implement semantic autocomplete for 2FA fields to prevent Firefox interference
PR: 683 - Fix #611 - Handle special characters in password authentication
PR: 614 - Fix #613 - Fixed Error Occurring If First Report Field Is a Custom Field
PR: 636 - Fix #575 - install page proceed button
PR: 635 - Fix #584 - buttons topover on role subpanel
PR: 634 - Fix #625 - Fix error on decimals
PR: 655 - Fix #566 - Add displayLogic to panels like tabs
PR: 657 - Fix #274, #503 - Listview accented characters
PR: 662 - Fix #540 - Remove title from svgs
PR: 669 - Fix #638 - Exception viewing Symfony Profiler
PR: 665 - Fix #664 - Ldap Autocreate extra fields
PR: 668 - Fix #137, #582 - Api Access issue in SuiteCRM 8
PR: 10599 - Fix Importing Error Styling
PR: 10565 - Fix #10564 - Thank you message in Surveys only in English
PR: 10549 - Fix variable name typo in getEmailInfo
PR: 10502 - Remove duplicate line
PR: 10480 - Fix #10479 - Call LoggerManager’s warn() method instead of warning()
PR: 10400 - Correctly find the id of related objects in search results
PR: 9810 - Fix #9809 - Incorrect parsing of 0 values in PDF templates
PR: 10662 - Fix #10661 - Fix preference on setting role
PR: 10660 - Fix Email Template not saving in plain text
PR: 10659 - Fix #10637 - Local users gets Profile wizard on each login
PR: 10309 - Fix #10264 - Error Assigned_user_name SearchView.tpl ({php} tag now crashes Smarty 4)
PR: 10476 - Fix #10475 - Rename the History subpanel by changing the label
PR: 10649 - Fix #8280 - Fix Autocomplete search in line items
PR: 10612 - Fix #10612 - Subpanels don’t show related records links when view permission is set to "group"
PR: 10607 - Fix #10606 - Recently viewed items tooltip shows module name instead of full record name
PR: 10625 - Fix #10624 - Prevent Multiple Submissions on Survey Forms
PR: 10538 - Fix #10243 - studio not saving field properties correctly
PR: 10285 - Fix non-countable error when importing CSV
PR: 10617 - Fix #10616 - Default values of DateTime always in English and value “first day of next month” gives an error
PR: 10648 - Fix #8632 - API V8 /meta/fields/{moduleName} endpoint output without field labels
PR: 10623 - Allow End Users to use the PATCH method for the V8 API
PR: 10601 - Fix #10113 - Contracts / List Items table for services has bogus width
PR: 10544 - Fix #10543 - Remove Security Groups button on subpanelsbased on EditView
PR: 10675 - Fix #10147, #10369 - Smarty unregistered function deprecated notice
PR: 10378 - Fix 10532, 10377 - Fix issues with global search not displaying values correctly
PR: 10700 - Fix #10345 - Azure OAuth Redirect Uri Entrypoint

Other Fixes:

Fix notice messages preventing importing.
Fix Importer progress bar using incorrect values.

Community

We would love to have your feedback and input to help make SuiteCRM 8 great for everyone.

Special thanks to the following members for their contributions and participation in this release!

boglar-gabor-echobase

Special thanks to everyone who reported the security issues addressed in this release!

If you have found an issue you think we should know about, or have suggestion/feedback, please Submit An Issue.

If you want to get involved and submit a fix, fork the repo and when ready please Submit A PR - More detail for developers can be found here.

Please visit the official website to find the appropriate upgrade package.

To report any security issues please follow our Security Policy

8.8.0

Released 30 January 2025

Assets

Release Notes

Changes on Upgrade Command/ Process

⚠️ Important: These changes will only apply when upgrading from an installed 8.8+ version to the next version

Starting with SuiteCRM 8.8.0 onwards, the upgrade process will now show a warning message with the non-core files that will be deleted on upgrade.
All language files within core directories are now re-added at the end of the upgrade process.
Changes to the upgrade process configuration. The following directories were added to the toKeep section:
- public/legacy/upload
- public/legacy/vendor
- .git
- .gitignore

Platform upgrade

SuiteCRM is now using angular 18. This brings some system requirement updates and breaking changes.

⚠️ Important: SuiteCRM is still using Webpack and Module Federation. We will not be using esbuild and Native Federation for the time being.

[For frontend development] Please check:

The Compatibility Matrix page for the updated versions of the required software.
The Frontend extension - Migrate to SuiteCRM 8.8+ section for more information on how to upgrade/migrate extensions.

System Requirement Changes - For development

Minimum node version - 20.11.1

The minimum node version is now 20.11.1.

Minimum yarn version - 4.5.0

The minimum yarn version is now 4.5.0.

Backward Incompatible Changes

Frontend common lib has been moved into core
- The common lib has been moved from core/app/common to core/app/core/src/lib/common/
- See the Frontend extension - Migrate to SuiteCRM 8.8+ section for more information.
The angular.json file is now generated
- The angular.json file is now a generated file and is no longer under version control.
- See the Frontend extension - Migrate to SuiteCRM 8.8+ section for more information.
The configuration for subpanel buttons widgets/stats is now under subpanelWidget
- The configuration key for subpanel button widgets has changed from insightWidget to subpanelWidget.

Documentation

We have added new documentation to set up Two-factor Authentication using TOTP on SuiteCRM 8 see the Two-factor Authentication section for more information.

Enhancements

PHP 8.3 Support

This release brings a number of adjustments and updates in order to support PHP 8.3.

This includes:

Removal of deprecated functions/ features.
Fixed code to eliminate warnings/ errors from logs.
Update missing labels

Filtering on Favorites

You can now filter by Favorites and My Items.

Two-Factor Authentication

We have added Two-factor authentication on SuiteCRM 8 using TOTP. See more information here.

⚠️ Important: For upgrades from 8.8-beta to 8.8.0 - Two Factor TOTP Secret and Backup Codes are now encoded in the db. This can cause issues when using 2FA configured in the beta. 2FA might need disabled and re-enabled.

Record View, Subpanel, Top Widget and Timeline Redesign

Record View
- The fields within the record view now take up minimal space, allowing you to see the full record.
- The required field indicator has been moved to the left of the field label.
Subpanels
- Subpanels buttons are now more compact and show the number of records a subpanel has.
- The number of subpanels that show when collapsed is configurable via the subpanel_buttons_panel_limits.yaml.
- Although it is recommended to do these changes within defaultExt or alternatively your own extension.
Timeline
- Following the other changes, the timeline is also more compact showing more information on the record without scrolling.
Top Widget
- The Top Widget has been moved to the insights panel, along with some styling adjustments.

Demo Data

SuiteCRM Demo Data has been updated to generate more date and optimized to run faster.

Log file Change

The log_dir has now been updated to log to <root>/logs/legacy instead of <root>/public/legacy.
For upgrade instances:
- The log_dir on config.php will be updated to a new path, only if it was using the default path.
- Old log files will not be moved

Performance Updates

Disabled zone js, for faster front-end performance.
Added a delay to non-critical backend calls such as; recently viewed, metadata, and notifications.

Record Mappers

Record Mappers have been added to allow for more flexibility when extending SuiteCRM. They allow to add code for mapping a record to internal or to external format.

See the Record Mappers section for more information.

Save Handlers

Save handlers are classes that allow the app to run code before or after saving a record. They are similar to the legacy before_save and after_save logic hooks.

See the Save Handlers section for more information.

Field Logic Update

There are now 3 different types of triggeringStatus:

onDependencyChange
- When the dependant field changes.
onAnyLogic
- When anything happens (i.e. value update, rendering fields, saving etc…).
onFieldInitialize
- When the Field is rendered (i.e. loading the recordview/ switching tabs on recordview).

Bug Fixes

Fixed: Subpanel not showing correctly on first load: #511
Fixed: Error field "amount" - SuiteCRM v. 8.5.1: #478
Fixed: Reorder modules from User profile does not change the order in navigation bar: #585
Fixed: Update scripts deletes files with no warning: #475
Fixed: Special character in database password creates issues: #533
Fixed: $addr creating unnecessary logs: #577
Fixed: Error on Email Detail View: #537
Fixed: Accented character (diacritic) displayed incorrectly: #542
Fixed: Accented letters displayed incorrectly: #583
Fixed: TextArea areas show data in html encoded: #589
Fixed: Views Incorrectly Encode UTF Characters as HTML Entities: #274
Fixed: Bug with the number field in case filters: #572
Fixed: Checkbox taking a while to respond with large data set: #597
Fixed: Update New Accounts per Month Chart: #75