Browse all 8 CVE security advisories affecting Sage. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Sage is a business management software platform primarily used for accounting, ERP, and CRM systems. Historically, vulnerabilities have commonly included remote code execution, cross-site scripting, and privilege escalation, with 8 CVEs documented. The platform has faced security incidents, including authentication bypass flaws and insecure default configurations that could lead to unauthorized access. Sage's architecture often involves multiple interconnected modules, increasing attack surface complexity. Security researchers have identified issues in web interfaces, APIs, and database integrations. While no major public breaches have been widely reported, the consistent discovery of authentication-related vulnerabilities suggests ongoing challenges in secure implementation and patch management across the product ecosystem.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2017-3183 | Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions — XRT TreasuryCWE-639 | 8.8 | - | 2018-07-24 |
This page lists every published CVE security advisory associated with Sage. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.