CVE-2024-58258 Information

Description

SugarCRM before 13.0.4 and 14.x before 14.0.1 allows SSRF in the API module because a limited type of code injection can occur.

Reference

https://support.sugarcrm.com/resources/security/sugarcrm-sa-2024-059/

Related CNNVD

CNNVD-202507-1790 (Published: 2025-07-13)