CVE-2019-17292
CVE-2019-17292: SugarCRM versions pre-8.0.4 and 9.x pre-9.0.2 are vulnerable to SQL injection via the pmse_Inbox module, exploitable by an Admin user. This is supported by multiple connected records (NVD, RH, CNVD, CVE lists). The vulnerability is due to improper input handling in that module and...