PT-2025-29387 · Sugarcrm · Sugarcrm
Published: 2025-07-13 · Updated: 2025-07-14 · CVE-2024-58258
CVSS v3.1: 7.2 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions:
SugarCRM versions prior to 13.0.4
SugarCRM versions 14.x prior to 14.0.1
Description:
The software contains a Server-Side Request Forgery (SSRF) issue in the API module due to a limited type of code injection.
Recommendations:
Update to SugarCRM version 13.0.4 or later.
Update to SugarCRM version 14.0.1 or later.
Exploit
Fix
Code Injection
Affected Products
Sugarcrm