CVE-2023-22952

Description

In SugarCRM before 12.0. Hotfix 91155, a crafted request can inject custom PHP code through the EmailTemplates because of missing input validation.

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics