CVE-2019-17296

CVE-2019-17296

EPSS 1.2%

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Contacts module by a Regular user.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-023/