CVE-2023-22952

Multiple SugarCRM Products Remote Code Execution Vulnerability

Description

Multiple SugarCRM products contain a remote code execution vulnerability in the EmailTemplates. Using a specially crafted request, custom PHP code can be injected through the EmailTemplates.

Severity: HIGH

CVSS Score: 8.8

Vendor: SugarCRM

Product: Multiple Products