Description
Cross-site scripting (XSS) vulnerability in the online Documents functionality in SugarCRM 5.2.x before 5.2.0l and 5.5.x before 5.5.0a allows remote authenticated users to inject arbitrary web script or HTML via the Document Name field.
Remediation
References
Related Vulnerabilities
WordPress Plugin Caldera Forms-More Than Contact Forms Information Disclosure (1.3.5.2)
Contao Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19745)
Oracle Application Server CVE-2008-7236 Vulnerability (CVE-2008-7236)
Oracle JRE CVE-2022-21271 Vulnerability (CVE-2022-21271)
Oracle JRE Incorrect Conversion between Numeric Types Vulnerability (CVE-2022-34169)