Description SugarCRM before 10.1.0 (Q3 2020) allows SQL Injection. Remediation References CVE-2020-17373 Related Vulnerabilities MySQL CVE-2014-0393 Vulnerability (CVE-2014-0393) Django Improper Input Validation Vulnerability (CVE-2014-3730) XOOPS Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-0613) PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-2510) MySQL CVE-2022-21367 Vulnerability (CVE-2022-21367) Severity Medium Classification CVE-2020-17373 CWE-138 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Tags Missing Update Known Vulnerabilities