| |
Vulnerability CVE-2023-46815
Published: 2023-10-27
| Description: |
An issue was discovered in SugarCRM 12 before 12.0.4 and 13 before 13.0.2. An Unrestricted File Upload vulnerability has been identified in the Notes module. By using a crafted request, custom PHP code can be injected via the Notes module because of missing input validation. An attacker with regular user privileges can exploit this. |
References: |
https://support.sugarcrm.com/resources/security/sugarcrm-sa-2023-011/
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
