CVE-2018-5715

Name of the Vulnerable Software and Affected Versions: SugarCRM version 3.5.1

Description: The issue is related to a XSS problem. It occurs via a parameter name in the query string, specifically through the $key variable in the phprint.php file.

Recommendations: For SugarCRM version 3.5.1, consider restricting access to the phprint.php file until a patch is available, and avoid using user-supplied input for the $key variable to minimize the risk of exploitation.