CVE-2023-22952CISA KEV: Actively Exploited

Multiple SugarCRM Products Remote Code Execution Vulnerability

Published Feb 2, 2023·Updated Feb 2, 2023

Description

Multiple SugarCRM products contain a remote code execution vulnerability in the EmailTemplates. Using a specially crafted request, custom PHP code can be injected through the EmailTemplates.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free