CVE-2019-0281

🗓️ 10 Jul 2019 18:46:17Reported by sapType

SAPUI5 and OpenUI5 XSS vulnerabilit

Reporter	Title	Published	Views	Family All 6
BDU FSTEC	The vulnerabilities of the OpenUI5 and SAPUI5 software platforms stem from deficiencies in the encryption of user-input data, allowing attackers to carry out cross-site scripting attacks.	17 Feb 202000:00	–	bdu_fstec
CVE	CVE-2019-0281	10 Jul 201918:46	–	cve
EUVD	EUVD-2019-1054	7 Oct 202500:30	–	euvd
NVD	CVE-2019-0281	10 Jul 201919:15	–	nvd
Prion	Cross site scripting	10 Jul 201919:15	–	prion
RedhatCVE	CVE-2019-0281	22 May 202508:25	–	redhatcve

[
  {
    "product": "OpenUI5",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "1.38.39"
      },
      {
        "status": "affected",
        "version": "1.44.39"
      },
      {
        "status": "affected",
        "version": "1.52.25"
      },
      {
        "status": "affected",
        "version": "1.60.6"
      },
      {
        "status": "affected",
        "version": "1.63.0"
      }
    ]
  },
  {
    "product": "SAPUI5",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "1.38.39"
      },
      {
        "status": "affected",
        "version": "1.44.39"
      },
      {
        "status": "affected",
        "version": "1.52.25"
      },
      {
        "status": "affected",
        "version": "1.60.6"
      },
      {
        "status": "affected",
        "version": "1.63.0"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/109077
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action
launchpad	www.launchpad.support.sap.com/

10 Jul 2019 18:56Current

6Medium risk

Vulners AI Score6

EPSS0.00276