A cross-site scripting vulnerability exists in SAP Cloud Connector version 2.0, which stems from a program that does not adequately encode user-controlled input and could be exploited by an attacker with administrator privileges to store malicious code in the database An attacker with administrator privileges could store malicious code in the database and execute it in the application when accessed, resulting in a stored cross-site scripting attack.
CPE | Name | Operator | Version |
---|---|---|---|
sap cloud connector | eq | 2.0 |