Loading
phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query string (aka a $key variable).
Use CWE-79, Sugarcrm vendor hub and Sugarcrm product page to widen CVE-2018-5715 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2023-22952, CVE-2020-7472 and CVE-2023-46816 for nearby disclosures in the same product family.