CVE-2023-22952

⚠ KEVEPSS 92.8%

Multiple SugarCRM Products Remote Code Execution Vulnerability

Added to CISA KEV: 2/2/2023

Description

Multiple SugarCRM products contain a remote code execution vulnerability in the EmailTemplates. Using a specially crafted request, custom PHP code can be injected through the EmailTemplates.

Affected packages (0)

No package mapping in OSV.