Unrated severityCISA KEVNVD Advisory· Published Jan 11, 2023· Updated Oct 21, 2025
CVE-2023-22952
CVE-2023-22952
Description
In SugarCRM before 12.0. Hotfix 91155, a crafted request can inject custom PHP code through the EmailTemplates because of missing input validation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.