Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2023-35809
HistoryJun 17, 2023 - 12:00 a.m.

CVE-2023-35809

2023-06-1700:00:00
mitre
www.cve.org
2
sugarcrm
rest api
bean manipulation
vulnerability
input validation
custom php code

AI Score

8.8

Confidence

High

EPSS

0.002

Percentile

60.8%

JSON

An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Bean Manipulation vulnerability has been identified in the REST API. By using a crafted request, custom PHP code can be injected through the REST API because of missing input validation. Regular user privileges can be used to exploit this vulnerability. Editions other than Enterprise are also affected.

Related

prion 1
cve 1
zdt 1
packetstorm 1
nvd 1
prion
prion
Input validation
2023-06-17 22:15:00
cve
cve
CVE-2023-35809
2023-06-17 22:15:09
zdt
zdt
SugarCRM 12.2.0 Bean Manipulation Vulnerability
2023-08-24 00:00:00
packetstorm
packetstorm
SugarCRM 12.2.0 Bean Manipulation
2023-08-23 00:00:00
nvd
nvd
CVE-2023-35809
2023-06-17 22:15:09

AI Score

8.8

Confidence

High

EPSS

0.002

Percentile

60.8%

JSON
Related for CVELIST:CVE-2023-35809
prion1cve1zdt1packetstorm1nvd1