CVE-2011-0745
SugarCRM prior to 6.1.3 is affected by CVE-2011-0745. The issue arises when reloading or directly requesting a warning page produced by a duplicate-check, allowing remote authenticated users to see names they normally should not access: (1) customer names via ShowDuplicates in the Accounts module...