CVE List

CVE-2019-17317

Critical 7.2

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the UpgradeWizard module by an Admin user.

Published October 7, 2019.

Affected software

Sugarcrm Sugarcrm

Reference links

Sign Up for Alerts