Lucene search
China National Vulnerability DatabaseCNVD-2022-88972HistoryOct 13, 2022 - 12:00 a.m.
SAP Data Services Management Cross-Site Scripting Vulnerability
2022-10-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
sap
data services
cross-site scripting
vulnerability
management software
german company
filtering
user-supplied data
attack
0.001 Low
EPSS
Percentile
33.5%
SAP Data Services Management is a data services management software from SAP, a German company. A cross-site scripting vulnerability exists in SAP Data Services Management versions 4.2 and 4.3 to help ensure that multiple, potentially inconsistent versions of data are not used in different parts of the business, including processes, operations, analytics, and reporting. The vulnerability stems from a lack of effective filtering and escaping of user-supplied data, which could be exploited by an attacker logged into the management console to copy data from a request and display it back to the application’s immediate response, launching a cross-site attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| sap data services management | eq | 4.2 | |
| sap data services management | eq | 4.3 |
Related
nvd
nvd
CVE-2022-35226
2022-10-11 21:15:12
prion
prion
Cross site scripting
2022-10-11 21:15:00
cve
cve
CVE-2022-35226
2022-10-11 21:15:12
cvelist
cvelist
CVE-2022-35226
2022-10-11 00:00:00