SAP Data Services Management is a data services management software from SAP, a German company. A cross-site scripting vulnerability exists in SAP Data Services Management versions 4.2 and 4.3 to help ensure that multiple, potentially inconsistent versions of data are not used in different parts of the business, including processes, operations, analytics, and reporting. The vulnerability stems from a lack of effective filtering and escaping of user-supplied data, which could be exploited by an attacker logged into the management console to copy data from a request and display it back to the application’s immediate response, launching a cross-site attack.
CPE | Name | Operator | Version |
---|---|---|---|
sap data services management | eq | 4.2 | |
sap data services management | eq | 4.3 |