Lucene search

K
cvelistSapCVELIST:CVE-2019-0369
HistoryOct 08, 2019 - 7:19 p.m.

CVE-2019-0369

2019-10-0819:19:11
sap
www.cve.org

EPSS

0.001

Percentile

22.7%

SAP Financial Consolidation, before versions 10.0 and 10.1, does not sufficiently encode user-controlled inputs, which allows an attacker to execute scripts by uploading files containing malicious scripts, leading to reflected cross site scripting vulnerability.

CNA Affected

[
  {
    "product": "SAP Financial Consolidation",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 10.0"
      },
      {
        "status": "affected",
        "version": "< 10.1"
      }
    ]
  }
]

EPSS

0.001

Percentile

22.7%

Related for CVELIST:CVE-2019-0369