This communication was sent 17 July 2024. Notice 24-OG | 17 Jul 2024 Sage CRMSage take the security of its customer solutions extremely seriously, and regularly undertakes proactive testing across its products to identify potential vulnerabilities and provide fixes. We wanted to let you know that two patches are now available, to address and perform additional checks, in connection with a SQL injection vulnerability are now available. The important stuffTwo patches for Sage CRM are now available these cover: These should be applied to all customers sites to minimise risk, and as soon as possible. The following direct upgrade paths are supported: - 2022 R1 > 2022 R2.5
- 2022 R2 > 2022 R2.5
- 2023 R1 > 2023 R2.3
- 2023 R2 > 2023 R2.3
Version 2024 R1 and later versions are not affected by this advisory, no action is required. You can see more in our Sage Community hub post. Questions?If you have any questions, please speak to your Partner Account Manager in the first instance. If the question is of a technical nature, then please raise a case with our Technical Support Team. Kind regards Sage Products & Services Team |