SugarCRM < 10.1.0 (Reports Export) SQL Injection Vulnerability

Posted by Egidio Romano on Aug 11

*• Software Link:*

https://www.sugarcrm.com

*• Affected Versions:*

All versions prior to 10.1.0 (Q3 2020).

*• Vulnerability Description:*

User input passed through the encoded “current_post” parameter to
‘index.php’ (when “entryPoint” is set to “export” and “module” is set to
“Reports”) is not properly sanitized before being used to construct a…
