Cross-site scripting (XSS) vulnerability in the online Documents functionality in SugarCRM 5.2.x prior to 5.2.0l and 5.5.x prior to 5.5.0a allows remote authenticated users to inject arbitrary web script or HTML via the Document Name field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sugarcrm sugarcrm 5.2c |
||
sugarcrm sugarcrm 5.2d |
||
sugarcrm sugarcrm 5.2.0g |
||
sugarcrm sugarcrm 5.2a |
||
sugarcrm sugarcrm 5.5 |
||
sugarcrm sugarcrm 5.5.0 |
||
sugarcrm sugarcrm 5.2g |
||
sugarcrm sugarcrm 5.2h |
||
sugarcrm sugarcrm 5.2e |
||
sugarcrm sugarcrm 5.2f |