EUVD-2026-10440

🗓️ 10 Mar 2026 18:31:16Reported by EUVDType

Insufficient validation of query input enables unauthenticated dom based scripting with low impact.

Reporter	Title	Published	Views	Family All 12
ATTACKERKB	CVE-2026-0489	10 Mar 202600:17	–	attackerkb
Circl	CVE-2026-0489	10 Mar 202600:00	–	circl
CNNVD	SAP Business One Job Service 跨站脚本漏洞	10 Mar 202600:00	–	cnnvd
CNVD	SAP Business One Job Service Cross-Site Scripting Vulnerability	17 Mar 202600:00	–	cnvd
CVE	CVE-2026-0489	10 Mar 202600:17	–	cve
Cvelist	CVE-2026-0489 DOM-based Cross-Site Scripting (XSS) Vulnerability in SAP Business One (Job Service)	10 Mar 202600:17	–	cvelist
EUVD	EUVD-2026-10441	10 Mar 202618:31	–	euvd
NCSC	Vulnerabilities fixed in SAP products	12 Mar 202607:24	–	ncsc
NVD	CVE-2026-0489	10 Mar 202617:31	–	nvd
Positive Technologies	PT-2026-24153	10 Mar 202600:00	–	ptsecurity

[
  {
    "enisaIdVendor": [
      {
        "id": "b4b4e385-9d66-34f3-9947-d2715cc62387",
        "vendor": {
          "name": "SAP_SE"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "60550ef1-df12-3cb3-802b-111348ba4378",
        "product": {
          "name": "SAP Business One (Job Service)"
        },
        "product_version": "B1_ON_HANA 10.0"
      },
      {
        "id": "d7f1b182-bb6d-3898-b399-c00482ae1888",
        "product": {
          "name": "SAP Business One (Job Service)"
        },
        "product_version": "SAP-M-BO 10.0"
      }
    ]
  }
]

Source	Link
me	www.me.sap.com/notes/3693543
url	www.url.sap/sapsecuritypatchday
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-0489

10 Mar 2026 18:31Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.16.1

EPSS0.00215

SSVC