{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T05:16:31.509","vulnerabilities":[{"cve":{"id":"CVE-2020-36501","sourceIdentifier":"cve@mitre.org","published":"2021-10-22T20:15:11.690","lastModified":"2024-11-21T05:29:40.893","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple cross-site scripting (XSS) vulnerabilities in the Support module of SugarCRM v6.5.18 allows attackers to execute arbitrary web scripts or HTML via crafted payloads entered into the primary address state or alternate address state input fields."},{"lang":"es","value":"Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en el módulo de Soporte de SugarCRM versión v6.5.18, permiten a atacantes ejecutar scripts web arbitrarios o HTML por medio de cargas útiles diseñadas introducidas en los campos de entrada primary address state or alternate address state"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sugarcrm:sugarcrm:6.5.18:*:*:*:*:*:*:*","matchCriteriaId":"FE6D1FAF-2303-4975-B48C-86834E2A61F5"}]}]}],"references":[{"url":"https://www.vulnerability-lab.com/get_content.php?id=2249","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.vulnerability-lab.com/get_content.php?id=2249","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}