Cross-Site Scripting (XSS) Vulnerabilities in YUI and FlashCanvas in SugarCRM Community Edition 6.5.26

Cross-Site Scripting (XSS) Vulnerabilities in YUI and FlashCanvas in SugarCRM Community Edition 6.5.26

CVE-2018-17784 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Multiple vulnerabilities in YUI and FlashCanvas embedded in SugarCRM Community Edition 6.5.26 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system.

Learn more about our Crm Penetration Testing.