Security Advisory

CVE-2023-22952

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-01-11 00:00:00
Last updated 2025-10-21 23:15:28
Assigner mitre
State PUBLISHED

Description

In SugarCRM before 12.0. Hotfix 91155, a crafted request can inject custom PHP code through the EmailTemplates because of missing input validation.

← Browse all CVEs View on cve.org ↗