AnsweredAssumed Answered

Possibility of SQL injection In CRM CE 6.5.22

Question asked by Madhusudan Singh on Jan 4, 2017
Latest reply on Jan 4, 2017 by sugar.dennis

Hi All,

 

we got a security alert from our security team that in SugarCRM CE 6.5.22 there is a possibility of SQL Injection. I have attached the testing report with this post. Testing team used Burp tool.

 

Please help me in this as we are not able to fix this and due to this our Production release is delayed.

Customer is saying to drop SugarCRM now. Please help

 

Thanks in advance.

Madhusudan Singh

Attachments

Outcomes