A Stored Cross-Site Scripting (XSS) vulnerability was found within SugarCRM. The vulnerability is exploited through the online Documents section of the application. By crafting a name that includes XSS code it is possible to inject malicious data, redirect the user to a bogus replica of the real website, or other nefarious activity.

-</p>

Make your website safer. Use external penetration testing (http://www.beyondsecurity.com/penetration-testing.html) service. First report ready in one hour!</p>

**Hidden Content: Check the thread to see hidden data.**