2 matches found
CVE-2019-17301
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by an Admin user...
CVE-2019-17301
CVE-2019-17301 affects SugarCRM before 8.0.4 and 9.x before 9.0.2, allowing a PHP code injection in the ModuleBuilder module by an Admin user. The issue originates from inadequate input handling in ModuleBuilder, as described in multiple sources. CVSS indicates moderate to high impact: CVSS v3.1 ...