← Back to CVE List
CVE-2023-22952
Published:
2023-01-11T09:15Z
Last Modified:
2025-03-14T20:00Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
In SugarCRM before 12.0. Hotfix 91155, a crafted request can inject custom PHP code through the EmailTemplates because of missing input validation. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt