THREAT OPS › CVEs › CVE-2023-22952
CVE-2023-22952 — Multiple SugarCRM Products Remote Code Execution Vulnerability
Multiple SugarCRM products contain a remote code execution vulnerability in the EmailTemplates. Using a specially crafted request, custom PHP code can be injected through the EmailTemplates.
Vulnerability details
- Affected productsMultiple Products
- KEV remediation due2023-02-23