CVE-2019-0368

🗓️ 08 Oct 2019 19:17:44Reported by sapType

SAP CRM Email Management XSS vulnerabilit

Reporter	Title	Published	Views	Family All 7
BDU FSTEC	The vulnerability of the SAP Customer Relationship Management software lies in the lack of measures for cleaning incoming data, which allows attackers to perform cross-site scripting attacks.	8 Jan 202000:00	–	bdu_fstec
CVE	CVE-2019-0368	8 Oct 201919:17	–	cve
EUVD	EUVD-2019-1141	7 Oct 202500:30	–	euvd
NVD	CVE-2019-0368	8 Oct 201920:15	–	nvd
Prion	Cross site scripting	8 Oct 201920:15	–	prion
RedhatCVE	CVE-2019-0368	22 May 202507:37	–	redhatcve
Symantec	SAP Customer Relationship Management CVE-2019-0368 Cross Site Scripting Vulnerability	8 Oct 201900:00	–	symantec

[
  {
    "product": "SAP Customer Relationship Management (Email Management - S4CRM)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 1.0"
      },
      {
        "status": "affected",
        "version": "< 2.0"
      }
    ]
  },
  {
    "product": "SAP Customer Relationship Management (Email Management - BBPCRM)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 7.0"
      },
      {
        "status": "affected",
        "version": "< 7.01"
      },
      {
        "status": "affected",
        "version": "< 7.02"
      },
      {
        "status": "affected",
        "version": "< 7.12"
      },
      {
        "status": "affected",
        "version": "< 7.13"
      },
      {
        "status": "affected",
        "version": "< 7.14"
      }
    ]
  }
]

Source	Link
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action
launchpad	www.launchpad.support.sap.com/

08 Oct 2019 19:17Current

5.4Medium risk

Vulners AI Score5.4

EPSS0.00287