Description

Cross-site scripting (XSS) vulnerability in SugarCRM Open Source 4.5.0f and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in crafted email messages.

Remediation

References

CVE-2006-6712

Related Vulnerabilities

Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-9402)

MySQL CVE-2016-3501 Vulnerability (CVE-2016-3501)

Django Improper Input Validation Vulnerability (CVE-2010-4535)

WordPress Plugin Bitcoin Satoshi Tools:Faucets, Visitor Rewarder, Satoshi Games, Referral Program Cross-Site Request Forgery (1.7.0)

WordPress Plugin Post Content XMLRPC SQL Injection (1.0)

Severity

Medium

Classification

CVE-2006-6712

Tags

Missing Update Known Vulnerabilities