Description
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Studio module by a Developer user.
Remediation
References
Related Vulnerabilities
OpenSSL Out-of-bounds Read Vulnerability (CVE-2023-1255)
Artifactory Insufficient Verification of Data Authenticity Vulnerability (CVE-2018-19971)
Oracle HTTP Server Use After Free Vulnerability (CVE-2019-10082)
WordPress Plugin WordPress Users 'uid' Parameter SQL Injection (1.3)
OpenSSL Resource Management Errors Vulnerability (CVE-2012-0027)