NuytsTech Security

CVE-2023-22952

by · Published · Updated

In SugarCRM before 12.0. Hotfix 91155, a crafted request can inject custom PHP code through the EmailTemplates because of missing input validation.

Date published : 2023-01-11

https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2023-001/

Tags: