Back to search
CVE-2023-22952
Published: Jan 11, 2023
Modified: Oct 21, 2025
PUBLISHED
Description
In SugarCRM before 12.0. Hotfix 91155, a crafted request can inject custom PHP code through the EmailTemplates because of missing input validation.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now