CVE-2019-14974: XSS
First published: Wed Aug 14 2019(Updated: )
SugarCRM Enterprise 9.0.0 allows mobile/error-not-supported-platform.html?desktop_url= XSS.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sugarcrm Sugarcrm | =9.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this SugarCRM vulnerability?
The vulnerability ID for this SugarCRM vulnerability is CVE-2019-14974.
What is the title of this vulnerability?
The title of this vulnerability is 'SugarCRM Enterprise 9.0.0 allows mobile/error-not-supported-platform.html?desktop_url= XSS.'
What is the severity of CVE-2019-14974?
The severity of CVE-2019-14974 is medium.
How can this vulnerability be exploited?
This vulnerability can be exploited by injecting malicious code into the mobile/error-not-supported-platform.html?desktop_url= parameter.
Is there a fix available for this vulnerability?
There may be a fix available for this vulnerability. It is recommended to check with the vendor for any available patches or updates.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sugarcrm
- canonical/sugarcrm sugarcrm
- version/sugarcrm sugarcrm/9.0.0