Lucene search
SapCVELIST:CVE-2019-0244HistoryJan 08, 2019 - 8:00 p.m.
CVE-2019-0244
2019-01-0820:00:00
sap
www.cve.org
6
EPSS
0.001
Percentile
26.1%
SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
CNA Affected
[
{
"product": "SAP CRM WebClient UI (SAPSCORE)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 1.12"
}
]
},
{
"product": "SAP CRM WebClient UI (S4FND)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 1.02"
}
]
},
{
"product": "SAP CRM WebClient UI (WEBCUIF)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 7.31"
},
{
"status": "affected",
"version": "< 7.46"
},
{
"status": "affected",
"version": "< 7.47"
},
{
"status": "affected",
"version": "< 7.48"
},
{
"status": "affected",
"version": "< 8.0"
},
{
"status": "affected",
"version": "< 8.01"
}
]
}
]Related
prion
prion
Cross site scripting
2019-01-08 20:29:00
nvd
nvd
CVE-2019-0244
2019-01-08 20:29:00
cve
cve
CVE-2019-0244
2019-01-08 20:29:00