SugarCRM < 10.1.0 (Reports Export) SQL Injection Vulnerability
Posted by Egidio Romano on Aug 11
SugarCRM < 10.1.0 (Reports Export) SQL Injection Vulnerability
*• Software Link:*
https://www.sugarcrm.com
*• Affected Versions:*
All versions prior to 10.1.0 (Q3 2020).
*• Vulnerability Description:*
User input passed through the encoded “current_post” parameter to
‘index.php’ (when “entryPoint” is set to “export” and “module” is set to
“Reports”) is not properly sanitized before being used to construct a…
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.