Description
Cross-site scripting (XSS) vulnerability in index.php in SugarCRM 1.X allows remote attackers to inject arbitrary web script or HTML via the (1) return_module, (2) return_action, (3) name, (4) module, or (5) record parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Banner Effect Header Cross-Site Request Forgery (1.2.6)
PHP Other Vulnerability (CVE-2002-2215)
WordPress Plugin Rencontre-Dating Site Security Bypass (1.6.9)
WordPress Plugin Yoast SEO Cross-Site Scripting (3.2.5)
WordPress Plugin Google Calendar Events Cross-Site Scripting (2.0.3.1)