CVE-2019-17294
CVE-2019-17294 – SugarCRM export SQL injection is reported in SugarCRM before 8.0.4 and 9.x before 9.0.2. The issue arises in the export function, where a Regular user can exploit insufficient input validation to inject SQL. The cited sources consistently describe an authenticated, regular-user p...