2 matches found
CVE-2019-17298
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Administration module by a Developer user...
CVE-2019-17298
SugarCRM is affected in versions prior to 8.0.4 and 9.x prior to 9.0.2. The vulnerability is an SQL injection in the Administration module exploitable by a Developer user. Root cause: insufficient input validation in the vulnerable path leads to injectable SQL. Impact per disclosed references inc...