Description

Cross-site scripting (XSS) vulnerability in SugarCRM Open Source 4.5.0f and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in crafted email messages.

Remediation

References

CVE-2006-6712

Related Vulnerabilities

Drupal Core 8.x.x Cross-Site Request Forgery (8.0.0 - 8.7.14)

WordPress Plugin All-in-One WP Migration Security Bypass (2.0.4)

MySQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-0375)

WordPress Plugin Windsor Strava Athlete Unspecified Vulnerability (1.3.5)

WordPress Plugin eID Easy Cross-Site Scripting (4.6)

Severity

Medium

Classification

CVE-2006-6712

Tags

Missing Update Known Vulnerabilities