CVE-2019-17295
SugarCRM is affected by CVE-2019-17295, with vulnerable versions including SugarCRM before 8.0.4 and 9.x before 9.0.2. The flaw enables SQL injection in the history function by a Regular user due to insufficient input validation, as documented across multiple sources (including the CVE record and...