EPSS
Percentile
95.7%
Multiple vulnerabilities in YUI and FlashCanvas embedded in SugarCRM Community Edition 6.5.26 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system.
twitter.com/purplemet/status/1043979681186369537
www.exploit-db.com/exploits/45594/
www.purplemet.com/blog/sugarcrm-multiple-xss-vulnerabilities