Description SugarCRM before 10.1.0 (Q3 2020) allows SQL Injection. Remediation References CVE-2020-17373 Related Vulnerabilities Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-25122) Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-3690) Nginx Other Vulnerability (CVE-2019-9513) WordPress Plugin NEX-Forms Lite-WordPress Contact Form builder Cross-Site Scripting (2.1.0) MySQL CVE-2015-4910 Vulnerability (CVE-2015-4910) Severity Medium Classification CVE-2020-17373 CWE-138 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Tags Missing Update Known Vulnerabilities