Lucene search
SapCVELIST:CVE-2022-27656HistoryMay 11, 2022 - 2:53 p.m.
CVE-2022-27656
2022-05-1114:53:55
CWE-79
sap
www.cve.org
2
sap
web dispatcher
icm
xss
vulnerability
EPSS
0.001
Percentile
33.5%
The Web administration UI of SAP Web Dispatcher and the Internet Communication Manager (ICM) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
CNA Affected
[
{
"product": "SAP NetWeaver AS for ABAP and Java (ICM Administration UI)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "KRNL64NUC 7.22"
},
{
"status": "affected",
"version": "7.22EXT"
},
{
"status": "affected",
"version": "7.49"
},
{
"status": "affected",
"version": "KRNL64 8.04"
},
{
"status": "affected",
"version": "7.22"
},
{
"status": "affected",
"version": "7.53"
},
{
"status": "affected",
"version": "KERNEL 7.22"
},
{
"status": "affected",
"version": "8.04"
},
{
"status": "affected",
"version": "7.77"
},
{
"status": "affected",
"version": "7.81"
},
{
"status": "affected",
"version": "7.85"
},
{
"status": "affected",
"version": "7.86"
},
{
"status": "affected",
"version": "7.87"
}
]
},
{
"product": "SAP Web Dispatcher (Web Administration UI)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "7.49"
},
{
"status": "affected",
"version": "7.53"
},
{
"status": "affected",
"version": "7.77"
},
{
"status": "affected",
"version": "7.81"
},
{
"status": "affected",
"version": "7.85"
},
{
"status": "affected",
"version": "7.22_EXT"
}
]
}
]Related
prion
prion
Cross site scripting
2022-05-11 15:15:00
nessus
nessus
SAP NetWeaver AS Java XSS (3145046)
2022-05-13 00:00:00
cve
cve
CVE-2022-27656
2022-05-11 15:15:09
nvd
nvd
CVE-2022-27656
2022-05-11 15:15:09