CVE-2019-17318
SugarCRM fixed a SQL injection vulnerability in the pmse_Inbox module affecting versions 8.0.4 and 9.x before 9.0.2, exploitable by a Regular user via the module (CVE-2019-17318). Multiple connected sources corroborate the issue and target the pmse_Inbox component; no exploit details are provided...