Home

CVE-2019-17313

Description

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Studio module by a Developer user.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.629

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in SugarCRM 7.9.4.99Windows
Multiple Vulnerabilities are affected in SugarCRM 8.0.3Windows
Multiple Vulnerabilities are affected in SugarCRM 9.0.1Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234