CVE-2010-0465

2010-03-1919:00:00

mitre

www.cve.org

5.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.3%

JSON

Cross-site scripting (XSS) vulnerability in the online Documents functionality in SugarCRM 5.2.x before 5.2.0l and 5.5.x before 5.5.0a allows remote authenticated users to inject arbitrary web script or HTML via the Document Name field.

References

secunia.com/advisories/38962

www.securityfocus.com/archive/1/510116/100/0/threaded

www.securityfocus.com/bid/38772

www.sugarcrm.com/crm/support/bugs.html?task=view&caseID=db4489b7-b5a8-4a6d-555b-4b9ffa7b4ffa