VYPR
Unrated severityNVD Advisory· Published Oct 27, 2023· Updated Sep 9, 2024

CVE-2023-46815

CVE-2023-46815

Description

An issue was discovered in SugarCRM 12 before 12.0.4 and 13 before 13.0.2. An Unrestricted File Upload vulnerability has been identified in the Notes module. By using a crafted request, custom PHP code can be injected via the Notes module because of missing input validation. An attacker with regular user privileges can exploit this.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Sugarcrm/Sugarcrmcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <12.0.4 or <13.0.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.