VYPR

RSSDashlet

by Sugarcrm

CVEs (1)

  • CVE-2014-3244CriFeb 1, 2018
    risk 0.64cvss 9.8epss 0.05

    XML external entity (XXE) vulnerability in the RSSDashlet dashlet in SugarCRM before 6.5.17 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request.