4 matches found
SugarCRM 12.2.0 Bean Manipulation Vulnerability
------------------------------------------------------------------------ SugarCRM = 12.2.0 updateGeocodeStatus Bean Manipulation Vulnerability ------------------------------------------------------------------------ - Software Link: https://www.sugarcrm.com - Affected Versions: Version 12.2.0 and...
SugarCRM 12.2.0 Bean Manipulation
------------------------------------------------------------------------ SugarCRM = 12.2.0 updateGeocodeStatus Bean Manipulation Vulnerability ------------------------------------------------------------------------ - Software Link: https://www.sugarcrm.com - Affected Versions: Version 12.2.0 and...
CVE-2023-35809
CVE-2023-35809 — SugarCRM Bean Manipulation via REST API is documented to affect SugarCRM Enterprise versions prior to 11.0.6 and 12.x prior to 12.0.3. The root cause is missing input validation in the REST API, enabling a crafted request to inject and execute custom PHP code with regular user pr...
CVE-2023-35809
An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Bean Manipulation vulnerability has been identified in the REST API. By using a crafted request, custom PHP code can be injected through the REST API because of missing input validation. Regular user privileges...