Exploits / Vulnerability Discovered : 2018-10-12 |
Type : webapps |
Platform : php
This exploit / vulnerability Sugarcrm 6.5.26 crosssite scripting is for educational purposes only and if it is used you will do on your own risk!
# Description
# A vulnerability in uploader.swf, io.swf and flashcanvas.swf in SugarCRM Community Edition 6.5.26
# could allow an unauthenticated, remote attacker to conduct a cross-site scripting
# (XSS) attack on a targeted system.
# SugarCRM Community Edition 6.5 had reached its end-of-life and is no longer supported.
# 6.5.26 is the last version and no patches will be provided by the vendor.