SugarCRM Improper Input Validation Vulnerability - CVE-2017-14509

An issue was discovered in SugarCRM before 7.7.2.3 7.8.x before 7.8.2.2 and 7.9.x before 7.9.2.0 (and Sugar Community Edition 6.5.26). A remote file inclusion has been identified in the Connectors module allowing authenticated users to include remotely accessible system files via a moduleCallRestampurl query string. Proper input validation has been added to mitigate this issue.