Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-58258

SugarCRM before 13.0.4 and 14.x before 14.0.1 allows SSRF in the API module because a limited type of code injection can occur.

Published

2025-07-13T22:15:23.090

Last Modified

2025-07-15T13:14:24.053

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 7.2 (HIGH)

Weaknesses

Type: Primary
CWE-94

Affected Vendors & Products

-

References

https://support.sugarcrm.com/resources/security/sugarcrm-sa-2024-059/ ([email protected])