Description

SugarCRM before 10.1.0 (Q3 2020) allows SQL Injection.

Remediation

References

CVE-2020-17373

Related Vulnerabilities

Joomla CVE-2017-14595 Vulnerability (CVE-2017-14595)

WordPress Plugin Rating-Widget:Star Review System Cross-Site Scripting (2.8.8)

Dolphin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3728)

WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool Cross-Site Scripting (1.7.18)

MySQL Use of Externally-Controlled Format String Vulnerability (CVE-2008-3963)

Severity

Medium

Classification

CVE-2020-17373 CWE-138 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities