SAP Supplier Relationship Management (Master Data Management Catalog - SRM_MDM_CAT, before versions 3.73, 7.31, 7.32) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
[
{
"product": "SAP Supplier Relationship Management (Master Data Management Catalog) (SRM_MDM_CAT)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 3.73"
},
{
"status": "affected",
"version": "< 7.31"
},
{
"status": "affected",
"version": "< 7.32"
}
]
}
]